# Security Policy
## About This Project
The React Native MCP Server is a local development tool that provides React Native best practices and guidance through the Model Context Protocol. It runs locally and does not process or store sensitive user data.
## Supported Versions
| Version | Supported |
| ------- | ------------------ |
| 1.0.x | :white_check_mark: |
## Security Considerations
This MCP server:
- Runs locally on your development machine
- Does not make external network requests
- Does not store or process sensitive data
- Provides read-only guidance and documentation
- Uses stdio transport for local communication only
## Reporting Security Issues
If you discover a potential security issue, please:
1. **Do NOT** create a public GitHub issue
2. Create a private vulnerability report on GitHub or contact the maintainer
3. Include:
- Description of the issue
- Steps to reproduce
- Your assessment of the impact
## Safe Usage
To use this MCP server safely:
- Only install from official sources (GitHub releases or npm)
- Keep your Node.js and dependencies updated
- Run in isolated development environments when possible
- Review the source code if you have security concerns
## Response Timeline
- Initial response: Within 7 days
- Status updates: As needed during investigation
- Resolution: Based on severity and complexity
Thank you for helping keep the React Native development community secure!