This project is provided as an open-source portfolio artifact. Security patches are provided for the latest version only.
If you discover a security vulnerability in SentryIQ, please report it responsibly. Do NOT open a public GitHub issue.
Contact: andre.obiuzo@gmail.com
Please include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested remediation (optional)
You will receive an acknowledgment within 48 hours and a detailed response within 5 business days.
This policy covers:
- API key exposure or credential leakage
- Authentication or authorization bypass
- Cross-site scripting, CSRF, or other web application vulnerabilities
- Dependency vulnerabilities in package.json
Out of scope:
- Vulnerabilities in the OpenAI API (report to OpenAI)
- IAM policy misconfigurations intentionally surfaced by the tool (that is the tool's purpose)