# Pitfall Log

Project: gptme/gptme

Summary: Found 21 structured pitfall item(s), including 1 high/blocking item(s). Top priority: Security or permission risk - Security or permission risk requires verification.

## 1. Security or permission risk - Security or permission risk requires verification

- Severity: high
- Evidence strength: source_linked
- Finding: Project evidence flags a security or permission risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: community_evidence:github | https://github.com/gptme/gptme/issues/2667

## 2. Installation risk - Installation risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this installation risk before relying on the project: v0.31.1.dev20260525
- User impact: Upgrade or migration may change expected behavior: v0.31.1.dev20260525
- Evidence: failure_mode_cluster:github_release | https://github.com/gptme/gptme/releases/tag/v0.31.1.dev20260525

## 3. Installation risk - Installation risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this installation risk before relying on the project: v0.31.1.dev20260604
- User impact: Upgrade or migration may change expected behavior: v0.31.1.dev20260604
- Evidence: failure_mode_cluster:github_release | https://github.com/gptme/gptme/releases/tag/v0.31.1.dev20260604

## 4. Installation risk - Installation risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a installation risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: community_evidence:github | https://github.com/gptme/gptme/issues/2982

## 5. Configuration risk - Configuration risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a configuration risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: capability.host_targets | https://github.com/gptme/gptme

## 6. Configuration risk - Configuration risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this configuration risk before relying on the project: feat(patch): add patch_anchored tool — hash-anchored editing with atomic verify-apply
- User impact: Developers may misconfigure credentials, environment, or host setup: feat(patch): add patch_anchored tool — hash-anchored editing with atomic verify-apply
- Evidence: failure_mode_cluster:github_issue | https://github.com/gptme/gptme/issues/2667

## 7. Configuration risk - Configuration risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this configuration risk before relying on the project: v0.31.1.dev20260504
- User impact: Upgrade or migration may change expected behavior: v0.31.1.dev20260504
- Evidence: failure_mode_cluster:github_release | https://github.com/gptme/gptme/releases/tag/v0.31.1.dev20260504

## 8. Configuration risk - Configuration risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this configuration risk before relying on the project: v0.31.1.dev20260511
- User impact: Upgrade or migration may change expected behavior: v0.31.1.dev20260511
- Evidence: failure_mode_cluster:github_release | https://github.com/gptme/gptme/releases/tag/v0.31.1.dev20260511

## 9. Configuration risk - Configuration risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this configuration risk before relying on the project: v0.31.1.dev20260518
- User impact: Upgrade or migration may change expected behavior: v0.31.1.dev20260518
- Evidence: failure_mode_cluster:github_release | https://github.com/gptme/gptme/releases/tag/v0.31.1.dev20260518

## 10. Configuration risk - Configuration risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this configuration risk before relying on the project: v0.31.1.dev20260521
- User impact: Upgrade or migration may change expected behavior: v0.31.1.dev20260521
- Evidence: failure_mode_cluster:github_release | https://github.com/gptme/gptme/releases/tag/v0.31.1.dev20260521

## 11. Configuration risk - Configuration risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this configuration risk before relying on the project: v0.31.1.dev20260601
- User impact: Upgrade or migration may change expected behavior: v0.31.1.dev20260601
- Evidence: failure_mode_cluster:github_release | https://github.com/gptme/gptme/releases/tag/v0.31.1.dev20260601

## 12. Capability evidence risk - Capability evidence risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: README/documentation is current enough for a first validation pass.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: capability.assumptions | https://github.com/gptme/gptme

## 13. Runtime risk - Runtime risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this runtime risk before relying on the project: v0.31.1.dev20260608
- User impact: Upgrade or migration may change expected behavior: v0.31.1.dev20260608
- Evidence: failure_mode_cluster:github_release | https://github.com/gptme/gptme/releases/tag/v0.31.1.dev20260608

## 14. Maintenance risk - Maintenance risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this migration risk before relying on the project: v0.31.1.dev20260507
- User impact: Upgrade or migration may change expected behavior: v0.31.1.dev20260507
- Evidence: failure_mode_cluster:github_release | https://github.com/gptme/gptme/releases/tag/v0.31.1.dev20260507

## 15. Maintenance risk - Maintenance risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a maintenance risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: evidence.maintainer_signals | https://github.com/gptme/gptme

## 16. Security or permission risk - Security or permission risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: no_demo
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: downstream_validation.risk_items | https://github.com/gptme/gptme

## 17. Security or permission risk - Security or permission risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: no_demo
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: risks.scoring_risks | https://github.com/gptme/gptme

## 18. Security or permission risk - Security or permission risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a security or permission risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: community_evidence:github | https://github.com/gptme/gptme/issues/2949

## 19. Maintenance risk - Maintenance risk requires verification

- Severity: low
- Evidence strength: source_linked
- Finding: issue_or_pr_quality=unknown。
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: evidence.maintainer_signals | https://github.com/gptme/gptme

## 20. Maintenance risk - Maintenance risk requires verification

- Severity: low
- Evidence strength: source_linked
- Finding: release_recency=unknown。
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: evidence.maintainer_signals | https://github.com/gptme/gptme

## 21. Maintenance risk - Maintenance risk requires verification

- Severity: low
- Evidence strength: source_linked
- Finding: Developers should check this maintenance risk before relying on the project: v0.31.1.dev20260514
- User impact: Upgrade or migration may change expected behavior: v0.31.1.dev20260514
- Evidence: failure_mode_cluster:github_release | https://github.com/gptme/gptme/releases/tag/v0.31.1.dev20260514