Security: RobNL2/claumon

Security Policy

Scope

Claumon is a lightweight, personal notification bridge for local development use. It is designed for trusted single-user environments — not multi-tenant, production, or enterprise deployments.

Threat Model

Claumon assumes:

  • The Flask service runs on 127.0.0.1 (localhost only) and is not exposed to the internet
  • The user controls the machine where the service and hooks run
  • The Telegram bot token and chat ID are kept private
  • The user reviews every tool approval request before tapping a button

What Claumon does to reduce risk

  • Optional API key authentication (CLAUMON_API_KEY) on all endpoints except /health
  • Per-endpoint rate limiting to prevent abuse
  • HTML escaping of all user content before embedding in Telegram messages
  • Shell injection prevention via jq -n --arg (no string interpolation in hook scripts)
  • Per-invocation temp files with trap cleanup to prevent race conditions
  • Rotating audit log of all operations
  • Auto-expiry of stale pending requests (5 minutes)
  • PreToolUse hooks fail open only when the service is unreachable; a timeout is treated as a deny
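
Several of the controls listed above, sketched in standard-library Python as an added example. This is not Claumon's own code: every function and class name is hypothetical, and it assumes that an unset CLAUMON_API_KEY disables the key check.

```python
import hmac
import html
import time

PENDING_TTL = 5 * 60  # seconds; the 5-minute expiry stated in the list above

def api_key_ok(path, presented, configured):
    """Hypothetical check: /health is open; other paths need the key if one is set."""
    if path == "/health" or not configured:  # assumption: unset key = auth off
        return True
    # Constant-time comparison so response timing does not leak the key.
    return hmac.compare_digest((presented or "").encode(), configured.encode())

def approval_message(tool, command):
    """Escape untrusted fields before placing them inside Telegram HTML markup."""
    return "<b>{}</b>\n<pre>{}</pre>".format(html.escape(tool), html.escape(command))

class PendingRequests:
    """Hypothetical in-memory store of approval requests awaiting a button tap."""
    def __init__(self, ttl=PENDING_TTL, clock=time.monotonic):
        self.ttl, self.clock, self.items = ttl, clock, {}

    def add(self, req_id):
        self.items[req_id] = {"created": self.clock(), "answer": None}

    def expire(self):
        """Drop requests older than the TTL and return their ids."""
        now = self.clock()
        stale = [k for k, v in self.items.items() if now - v["created"] > self.ttl]
        for k in stale:
            del self.items[k]
        return stale

    def answer(self, req_id, approved):
        """Record a tap; a tap on an expired or unknown request is ignored."""
        self.expire()
        if req_id not in self.items:
            return False
        self.items[req_id]["answer"] = bool(approved)
        return True

def hook_decision(outcome):
    """Map what a hook observed to allow/deny, following the rule in the list."""
    if outcome in ("unreachable", "approved"):  # service down: fail open
        return "allow"
    return "deny"  # timeout, rejection, or anything unexpected
```

A late tap on a request that has already expired changes nothing, and any hook outcome other than an explicit approval or an unreachable service resolves to deny.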

What Claumon does NOT do

  • End-to-end encryption of Telegram messages (Telegram Bot API does not support this)
  • Multi-factor authentication beyond Telegram's own login security
  • Sandboxing or validation of approved commands — if you tap "YES", the command runs with your privileges
  • Protection against a compromised Telegram bot token (an attacker with your token could send fake approvals)
  • TLS/HTTPS termination (use a reverse proxy if exposing beyond localhost)
  • Input validation of command content — it forwards what Claude sends and executes what you approve

Recommendations

  • Keep your TELEGRAM_BOT_TOKEN and TELEGRAM_CHAT_ID private. Never commit them to version control.
  • Set CLAUMON_API_KEY to prevent unauthorized local processes from calling the API.
  • Do not expose port 9000 to the public internet. If you must access remotely, use SSH tunneling or a reverse proxy with HTTPS and authentication.
  • Always read the full command or tool input in Telegram before approving.
  • Use the debounce delay (CLAUMON_SEND_DELAY) to filter out transient requests that resolve on their own.
  • Regularly review the audit log at ~/.claude/claumon-audit.log.

Reporting Vulnerabilities

There is no formal security team. If you find a vulnerability:

  1. Do not open a public issue if the vulnerability could be exploited before a fix is available.
  2. Instead, email the maintainer or use GitHub's private vulnerability reporting on this repository.
  3. Include steps to reproduce, impact assessment, and any suggested fix.

Expect a response within a reasonable timeframe. Fixes will be released as patch versions.

Disclaimer

This software is provided "as is" without warranty of any kind. The authors disclaim all liability for any damages, data loss, security incidents, unauthorized access, or other harm arising from the use or misuse of this tool. See LICENSE for the full legal text.
