Please report suspected security vulnerabilities by email to info@ime.life. Do not open a public GitHub issue for a security-sensitive report.

Include in your report: a description of the issue, reproduction steps or proof-of-concept, the affected version or commit, and your assessment of impact. PGP encryption is not required.

We aim to acknowledge receipt within 7 business days and to provide a remediation plan or explicit triage disposition within 30 business days for reports rated critical and 90 days for everything else. If the issue requires coordinated disclosure, we will agree on a date with you before publication.

• The ifixai Python package as published from this repository.
• The ifixai CLI entrypoint.
• The packaged fixtures under ifixai/fixtures/.

• User-supplied fixtures and prompts. The project does not validate the content of arbitrary user fixtures beyond the JSON-schema structural checks in ifixai/fixtures/schema.json; treat your own fixtures as trusted input.
• Third-party LLM provider endpoints. Bugs in OpenAI / Anthropic / Gemini / etc. are their responsibility.
• The user's own API keys and credentials. The project reads these from environment variables and never persists them; if you commit a key to your own repository, rotate it immediately.
• Packages that depend on ifixai. Report via those projects' own channels.

ifixai/providers/secrets.py scrubs recognisable secret patterns from any payload before the manifest is written to disk. This is defence in depth, not a replacement for hygiene:

• Never commit .env or any file containing API keys. .gitignore excludes .env at the repo root; keep it that way. Use environment variables exclusively.
• Prefer short-lived tokens over long-lived API keys where the provider supports them.
• Rotate any key that was exposed anywhere, including local shells on shared machines, log files, or screen-shares. Rotation must be immediate — the blast radius of a leaked key is higher than the friction of rotating it.
• Do not paste scorecard JSON into third-party web tools (diagram renderers, pastebins, gists) without first confirming no inspection response contains sensitive material. Scorecards capture full model inputs and outputs; those may include content users did not intend to publish.

The scrubber (ifixai/providers/secrets.py::scrub_secrets) is parametrically verified against every provider registered in ifixai.providers.resolver.REGISTERED_PROVIDERS. Each registered provider has at least one credential shape that is matched and replaced with a provider-tagged redaction token:

Generic Authorization: Bearer <token> and X-API-Key: <value> headers are scrubbed case-insensitively regardless of provider. Providers using custom auth schemes that do not match one of the shapes above fall back to the bearer-token regex when the value appears in a standard HTTP header.

We prefer coordinated disclosure. If you give us at least the window described under Reporting a vulnerability above before publishing, we will credit you in the release notes of the fixing version — unless you request otherwise.

• Issue a bug bounty. The project is open source, operated as a community resource.
• Accept reports about behaviours that are explicitly documented as intentional in README.md or docs/.
• Accept reports whose sole impact is self-DoS via pathological fixture content.

Security fixes are issued only for the most recent minor version. Users on older minor versions should upgrade.