update documentation

RubenHalman · RubenHalman · commit 13209d1b9e80 · 2025-11-02T05:15:59.000+01:00
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -1,8 +1,6 @@
 ## Contributing Guidelines
 
-### Our Journey: Shaping Flow Analysis Since 2021
-
-Since 2021, the _Lightning Flow Scanner_ has grown from its roots in CLI and VS Code tools to empower Salesforce Developers across six free and open-source platforms—from CLI tools to native Salesforce apps—delivering a unified experience for robust static analysis of Flows. Our dedicated community has shared their expertise to deepen understanding of Flow optimization. Your support can amplify our impact. Here’s how you can contribute:
+Since 2021, the _Lightning Flow Scanner_ has grown from its roots as VS Code tool to empower Salesforce Developers across six free and open-source platforms—from developer tools to native Salesforce App—delivering a unified experience for robust static analysis of Flows. Our dedicated community has shared their expertise to deepen understanding of Flow optimization. Your support can amplify our impact. Here’s how you can contribute:
 
 - ⭐ Starring the project to show your support
 - 📢 Sharing our work with your network
diff --git a/SECURITY.md b/SECURITY.md
@@ -5,14 +5,17 @@
 - Code is open-source and peer-reviewed by the community.
 - Vulnerabilities can be reported privately via GitHub security features.
 - Changes to the repository are scanned and reviewed before merging.
+- Tokenless Publishing with scoped npm packages and releases via GitHub Actions Trusted Publishing (OIDC).
 
 ## Reporting a Vulnerability
 
 If you discover a security vulnerability, please report it using [GitHub vulnerability reporting](https://github.com/Flow-Scanner/lightning-flow-scanner-core/security).
 
 ## Data Handling
 
-This project collects zero user data. No credentials, PII, payment info, or health data is ever stored, transmitted, or shared. All analysis runs 100% client-side with no network calls to any external services.
+This tool collects zero user data. No credentials, PII, payment info, health data, or user content is ever stored, transmitted, or shared. All analysis runs 100% client-side with no network calls to external services.
+
+We temporarily use metadata (e.g., Flow metadata, timestamps) in-memory only for real-time functionality during your session. This data is never stored, logged, or transmitted and is discarded immediately when the session ends.
 
 ## Dependencies
 
diff --git a/readme.md b/readme.md
@@ -12,8 +12,8 @@
   - [Configuring Expressions](#configuring-expressions)
   - [Specifying Exceptions](#specifying-exceptions)
   - [Include Beta Rules](#include-beta-rules)
-- [Usage](#installation)
-  - [Install As Dependency](#install-as-dependency)
+- [Usage](#Usage)
+  - [Installation](#installation)
   - [Core Functions](#core-functions)
 - [Development](#development)
 
@@ -226,11 +226,9 @@ New rules are introduced in Beta mode before being added to the default ruleset.
 
 ## Usage
 
-The Lightning Flow Scanner Core can be used as a dependency in Node.js and browser environments, or as a standalone UMD module.
+### Installation
 
-### Install As Dependency
-
-To install the module as a dependency run:
+The Lightning Flow Scanner Core can be used as a dependency in Node.js and browser environments, or used as a standalone UMD module. To install:
 
 ```bash
 npm install @flow-scanner/lightning-flow-scanner-core
