Add SECURITY.md with coordinated-disclosure contact #392

@franconicola

Description

Problem.
A security-testing toolkit without a SECURITY.md is a bad look and leaves researchers no canonical disclosure channel.

Actions.

  • Write a SECURITY.md at the repo root with: (a) supported-versions table, (b) reporting contact (ais@ai4i.it), (c) expected response SLA, (d) PGP key if applicable.
  • Link it from README.md and CONTRIBUTING.md.
  • Enable GitHub's "Private vulnerability reporting" if the repo is on GitHub.

Acceptance:
SECURITY.md exists at repo root, linked from README, references a working contact.
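The acceptance criteria above can be checked mechanically, for instance in CI. The script below is an added example, not code from this issue or the project: the function names, the regex heuristics for the table and SLA wording, and the sample repository contents are all assumptions made for illustration.

```python
import re
import tempfile
from pathlib import Path

CONTACT = "ais@ai4i.it"  # reporting contact named in the issue
# Assumed heuristics (not from the issue) for what SECURITY.md should carry.
# They test presence only; whether the mailbox works needs a manual test mail.
CHECKS = {
    "supported-versions table": re.compile(r"^\|.*version.*\|\s*$", re.I | re.M),
    "reporting contact": re.compile(re.escape(CONTACT), re.I),
    "response SLA": re.compile(r"\b(within|in)\s+\d+\s+(business\s+)?(hours?|days?)\b", re.I),
}
# Markdown link whose target is SECURITY.md, with optional path prefix or anchor.
LINK = re.compile(r"\]\((?:[^)\s]*/)?SECURITY\.md(?:#[^)\s]*)?\)", re.I)

def check_repo(root):
    """Return a list of unmet acceptance criteria; empty means the repo passes."""
    root = Path(root)
    problems = []
    policy = root / "SECURITY.md"
    if not policy.is_file():
        problems.append("SECURITY.md missing at repo root")
    else:
        text = policy.read_text(encoding="utf-8", errors="replace")
        for name, pattern in CHECKS.items():
            if not pattern.search(text):
                problems.append(f"SECURITY.md: no {name} found")
    for doc in ("README.md", "CONTRIBUTING.md"):
        path = root / doc
        if not path.is_file():
            problems.append(f"{doc} missing")
        elif not LINK.search(path.read_text(encoding="utf-8", errors="replace")):
            problems.append(f"{doc}: no link to SECURITY.md")
    return problems

def demo():
    """Run the check on a constructed repo whose CONTRIBUTING.md lacks the link."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "SECURITY.md").write_text(  # constructed sample policy
            "# Security Policy\n\n| Version | Supported |\n|---|---|\n| x.y | yes |\n\n"
            f"Report to {CONTACT}. We acknowledge reports within 3 business days.\n")
        (root / "README.md").write_text("See the [security policy](SECURITY.md).\n")
        (root / "CONTRIBUTING.md").write_text("Please open a pull request.\n")
        return check_repo(root)

if __name__ == "__main__":
    print(demo())
```

A non-empty result can be used to fail the CI job, so the policy file and its links cannot silently disappear in a later refactor.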

Labels: documentation (Improvements or additions to documentation)