Security: Petsku01/Prompt-Security-Guide

Security Policy

Reporting Vulnerabilities

In This Repository

If you discover a security vulnerability in this repository's code or tooling:

  1. Do not open a public issue.
  2. Use GitHub Security Advisories (private report) in this repository.
  3. If private advisories are unavailable, open an issue with minimal detail and request a private contact channel.
  4. Include:
    • Description of the vulnerability
    • Steps to reproduce
    • Potential impact
    • Suggested fix (if available)

Target response time: within 72 hours.

In External Systems

This repository is for defensive and educational research. If you discover a vulnerability in an external AI system:

  1. Follow responsible disclosure practices
  2. Contact the affected vendor's security team
  3. Allow reasonable patching time (typically 90 days)
  4. Avoid public disclosure before remediation

Scope

In Scope

  • Security issues in tools and scripts in this repository
  • Vulnerable defaults or unsafe behaviors in included examples
  • Documentation errors that could cause unsafe use

Out of Scope

  • Vulnerabilities in third-party/commercial AI services
  • Feature requests
  • General AI security discussions (use Discussions)

Security Updates

Security fixes are:

  1. Committed to main
  2. Noted in CHANGELOG.md
  3. Published via Security Advisory when appropriate

Responsible Use

  • Use this project only on systems you own or are authorized to test.
  • Follow applicable laws and regulations.
  • Do not use these techniques to cause harm.

Last updated: February 2026
