If you discover a security vulnerability within this tool, please follow these steps:

1. Do Not create a public GitHub issue for security vulnerabilities
2. Send a detailed description to the maintainer via GitHub
3. Include the following information:
   • Type of vulnerability
   • Full paths of source file(s) related to the vulnerability
   • Location of the affected source code
   • Step-by-step instructions to reproduce the issue
   • Proof-of-concept or exploit code (if possible)
   • Impact of the issue

• Response Time: We aim to respond within 48 hours
• Status Updates: We will provide updates on the vulnerability status
• Credit: Security researchers who report valid issues will be credited (if desired)

1. Backup Location

   • Store backups in secure locations
   • Avoid public or shared folders for sensitive data
   • Consider encrypting backup folders

2. Browser Closure

   • Always close browsers before backup/restore
   • The tool will warn you if a browser is running

3. Manifest Verification

   • Always verify manifest.json before restoring
   • Check the backup metadata matches your expectations

4. Existing Profile Backup

   • The tool automatically backs up existing profiles before restore
   • Old profiles are renamed with .backup_TIMESTAMP suffix

• Browser profile folders in %LOCALAPPDATA% and %APPDATA%
• Registry keys for browser detection (read-only)
• File system for backup/restore operations

• ❌ Transmit data over the network
• ❌ Access browser passwords (though stored files may contain encrypted data)
• ❌ Collect telemetry or analytics
• ❌ Modify system files
• ❌ Install additional software

Security updates will be released as patch versions (e.g., 1.0.1) and announced through:

• GitHub Releases
• Project README

When contributing to this project:

• Do not introduce new dependencies
• Do not add network communication
• Do not add telemetry or tracking
• Follow secure coding practices

Thank you for helping keep this project secure!