Skip to content

Security: sirosfoundation/docs

Security

SECURITY.md

Security Policy

Reporting a Vulnerability

If you discover a security vulnerability in any Siros Foundation repository, please report it responsibly.

Do NOT open a public GitHub issue.

Contact

What to include

  • Repository and branch/tag affected
  • Steps to reproduce or proof of concept
  • Impact assessment (if known)

Response timeline

  • Acknowledgement: within 2 business days
  • Initial assessment: within 5 business days
  • Fix or mitigation: depends on severity, typically within 30 days for critical issues

Scope

This policy applies to all repositories under the sirosfoundation GitHub organization.

Recognition

We credit reporters in release notes (unless you prefer anonymity).

There aren't any published security advisories