We take security seriously and appreciate coordinated disclosure of vulnerabilities.
- Report security issues: Email
security@director.runwith details and reproduction steps. Please include impact, affected components/versions, and any proof-of-concept. - Acknowledgement: We will acknowledge receipt within 2 business days and provide a tracking reference.
- Communication: We will share remediation progress at least weekly until resolution and coordinate a responsible disclosure timeline.
- Scope: All Director-owned code, services, and domains.
- Safe harbor: If you follow this policy, test only your own accounts/data, and avoid privacy violations or service disruption, we will not pursue or support legal action against you for your research.
Thank you for helping keep our community safe.