If you discover a security vulnerability, please report it responsibly.
Do not open a public GitHub issue for security vulnerabilities.
Instead, email interviewoptimiser@bhekani.com with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
You should receive a response within 48 hours. We will work with you to understand and address the issue before any public disclosure.
| Version | Supported |
|---|---|
| Latest | Yes |
This policy covers the Interview Optimiser codebase and its deployed instance at interviewoptimiser.com.
Out of scope:
- Third-party services (Clerk, Stripe, Hume AI, etc.)
- Social engineering attacks
- Denial of service attacks