جارٍ تحميل سيرتك…Loading Seertak…
جارٍ تحميل سيرتك…Loading Seertak…
Trust and security
Security is a release requirement, not a marketing claim. Seertak uses layered controls for account access, private documents and untrusted CV content, and verifies those controls before deployment.
CVs have no public URLs. Database access policies and server-side ownership checks restrict document and photo operations to the signed-in owner. Guest work remains local until you choose to import it.
Mutations require authenticated ownership and same-origin browser requests. External input is bounded and validated. LaTeX text is escaped, raw commands are rejected, and CV content is not sent to public compilers.
Session cookies are refreshed on the server. Internal redirects are allowlisted, account entry points support abuse checks, and document mutations are rate limited without imposing usage credits or paid quotas.
Report suspected vulnerabilities through GitHub private vulnerability reporting. Do not open a public issue with proof-of-concept details, credentials or personal CV data, and do not test against other users or production data.
Before public release, database policies, authorization boundaries, dependency audits, browser tests, security headers and secret scans must pass. This page does not claim that software can be guaranteed free of vulnerabilities.
Last updated: 12 July 2026