This project must not collect, request, store or transmit Vibemode passwords, API keys, cookies, or browser profile folders.
- Users log in directly on
https://portal.vibemod.pro/client. - The overlay opens a local browser profile and reuses that session.
- The app reads usage values from the Vibemode cabinet API using the user's existing local browser session, with visible-page parsing as a fallback.
- No password field is exposed by the app.
- The app has no telemetry, backend, or analytics endpoint.
- The browser runs hidden after successful login by default. A visible Chrome window is opened only when the user needs to log in again.
Playwright stores browser cookies/session files in the selected profile directory. By default this is:
%USERPROFILE%\.neurogate-usage-overlay\browser-profile
This folder is local-only and must not be committed to GitHub.
The last good parsed snapshot and local logs are stored under:
%USERPROFILE%\.neurogate-usage-overlay\
These files can contain account labels, request IDs, and usage numbers. Treat them as private local data.
.env- cookies
- browser profiles
- HAR/trace files
- screenshots with private account data
- API keys, passwords or tokens
Open a private security advisory in the GitHub repository or contact the repository owner. Do not paste credentials into issues.