github-pick is almost entirely local: a zero-dependency Node build script
(scripts/build-data.mjs) turns config.json + sessions/*.json into data.js, and a
static dashboard (index.html) renders it from file://. github-pick ships no
credentials and stores none.
If you find a security issue, please open a private report through GitHub security advisories when available, or contact the maintainer through the GitHub profile linked in this repository. Please do not file public issues for security-sensitive reports.
The actual GitHub searching and judging is done by whatever AI agent you run inside the
folder, using your own gh CLI / agent web tools and your own GitHub access. github-pick
itself never asks for, reads, or stores a token. The build script makes no network
calls at all. The dashboard runs locally and stores per-project "studied" / "hidden"
state in your browser's localStorage.
- Dashboard rendering of session content. Project names, descriptions, and digests in
sessions/*.jsonoriginate from external sources (GitHub repositories) and are attacker-influenceable text. The dashboard escapes all session-derived text before it reaches the DOM, and project links are restricted twice: the build script only acceptshttps://github.com/…URLs, and the renderer additionally refuses non-http(s) schemes. A change that introduces unescaped rendering or weakens the URL checks is in scope. - Build-time validation.
scripts/build-data.mjsvalidates every session against the schema (required fields,owner/reponames,https://github.com/…URLs, dates, tag emoji) and refuses to regeneratedata.json any error. Weakening this validation is in scope; its unit tests live inscripts/build-data.test.mjs. - Local path handling when reading
sessions/*and writingdata.js(e.g. path traversal via a crafted session filename or slug). - External resources in the dashboard.
index.htmlloads one web font from a public CDN (jsDelivr). Adding further third-party scripts or trackers to the page is in scope; prefer keeping the dashboard self-contained. - Credential handling. github-pick stores no GitHub tokens. The optional
ghCLI uses your own authenticated session; do not commit tokens,.envfiles, or any credentials.
It keeps the build path zero-dependency and offline, never persists credentials, confines
user progress to local localStorage, and keeps generated data (data.js) and any private
sessions inside your own checkout.