Commit 8eb00c2

Add transparency disclaimer and responsible disclosure invitation
- SECURITY.md: new Transparency & Disclaimer section at the top with honest description of filesystem access patterns and liability scope; new Help Us Stay Secure section actively inviting security research with a defined scope and promise of fast response + public credit
- README.md: Security & Trust callout after the intro paragraph — brief, direct, links to SECURITY.md for full context
1 parent 0a07187 commit 8eb00c2

2 files changed

Lines changed: 26 additions & 0 deletions

README.md

Lines changed: 2 additions & 0 deletions
@@ -16,6 +16,8 @@
1616

1717
High-quality parsing through [tree-sitter](https://tree-sitter.github.io/tree-sitter/) AST analysis across all 66 languages, enhanced with LSP-style hybrid type resolution for Go, C, and C++ (more languages coming soon) — producing a persistent knowledge graph of functions, classes, call chains, HTTP routes, and cross-service links. 14 MCP tools. Zero dependencies. Plug and play across 10 coding agents.
1818

19+
> **Security & Trust** — This tool reads your codebase and writes to your agent configuration files. That is what it is designed to do. If you prefer to audit before running, the [full source is here](https://github.com/DeusData/codebase-memory-mcp) — every release binary is signed, checksummed, and scanned by 70+ antivirus engines before publication. Found a security issue? We want to know — see [SECURITY.md](SECURITY.md). Security is Priority #1 for us.
20+
1921
<p align="center">
2022
<img src="docs/graph-ui-screenshot.png" alt="Graph visualization UI showing the codebase-memory-mcp knowledge graph" width="800">
2123
<br>
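Review bot: the callout added at line 19 summarises the tool's access as reading the codebase and writing agent configuration files, but the SECURITY.md text added in this same commit also lists spawning background processes, so the summary a reader sees first is narrower than the full disclosure. The verification claims differ as well: this line says "signed, checksummed, and scanned by 70+ antivirus engines", while the SECURITY.md lines added here name SLSA provenance, Sigstore signatures and SHA-256 checksums and do not mention antivirus scanning. Suggest mentioning background processes here and linking the signing claim to the Verification section of SECURITY.md, so a reader can check the claim instead of taking it on trust.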

SECURITY.md

Lines changed: 24 additions & 0 deletions
@@ -1,5 +1,29 @@
11
# Security Policy
22

3+
## Transparency & Disclaimer
4+
5+
codebase-memory-mcp interacts deeply with your filesystem. It reads source files across your entire codebase, writes to agent configuration files, and spawns background processes. This is inherent to what it does — not a bug.
6+
7+
**If you are uncomfortable with these access patterns**, please audit the source code before running. The full source is available in this repository. Every release binary is reproducibly built from this source and can be independently verified via SLSA provenance, Sigstore signatures, and SHA-256 checksums (see [Verification](#verification) below).
8+
9+
We are humans and can make mistakes. We take security seriously — it is Priority #1 for this project — but we cannot guarantee perfection. By using this software you accept responsibility for evaluating whether it meets your own security requirements.
10+
11+
## Help Us Stay Secure
12+
13+
**We actively invite security researchers to try to break this project.**
14+
15+
If you find a vulnerability — anything from a logic bug to a remote code execution — we want to know. You will receive a fast response, public credit (if you want it), and the knowledge that you helped make a tool used by developers worldwide more secure.
16+
17+
What we consider in scope:
18+
19+
- Arbitrary code execution via MCP tool inputs or CLI arguments
20+
- File reads or writes outside the indexed project root
21+
- Shell injection through any code path
22+
- Binary tampering or supply chain attacks
23+
- Privilege escalation or sandbox escapes
24+
25+
Please report **privately** rather than as a public issue so we can fix before public disclosure. See below for how.
26+
327
## Reporting a Vulnerability
428

529
If you discover a security vulnerability, please report it responsibly:
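Review bot: the promise of "a fast response" at added line 15 gives a reporter nothing concrete to rely on; state an acknowledgement window in days, or point to one if the Reporting a Vulnerability section already defines it. The in-scope list at added lines 19-23 has no matching out-of-scope or testing-rules statement, so the invitation to "try to break this project" at line 13 leaves open what kind of testing is acceptable and against which targets. Also confirm that the "[Verification](#verification)" link at added line 7 resolves to an existing heading, since that target is not visible in this hunk, and consider replacing "See below for how" at line 25 with a link to Reporting a Vulnerability.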
