| Version | Supported |
|---|---|
| 0.2.x | Yes |
| 0.1.x | Yes |
If you discover a security vulnerability, please report it privately:
- Email: gfernandf+security@gmail.com
- Subject:
[SECURITY] agent-skill-registry — <brief description> - Include: affected version, reproduction steps, and potential impact.
Do NOT open a public GitHub issue for security vulnerabilities.
We will acknowledge receipt within 48 hours and aim to provide a fix or mitigation within 7 business days for critical issues.
This policy covers:
- The
agent-skill-registry(this repository) - Capability and skill YAML definitions
- Governance tooling shipped in this repository
Third-party tools and external integrations are outside scope.