SafeBite is distributed as a single, always-latest browser extension. Only the most recent released version receives security fixes.
Please do not open a public issue for security problems.
- Preferred: open a private report via GitHub (Security → Report a vulnerability).
- Or email 86larryli@gmail.com.
Include steps to reproduce and the affected version. You'll get an acknowledgement as soon as possible, and a fix or mitigation will be coordinated before any public disclosure.
SafeBite runs entirely in the browser with no backend. The most relevant
surfaces are: the content scripts injected on Google Maps, the background service
worker that queries county health-inspection Sources, and the
declarativeNetRequest rule used for the San Mateo County portal request.
Reports about data exfiltration, injection, or excessive permissions are
especially welcome.