| Version | Supported |
|---|---|
| Latest | Yes |
Do not report security vulnerabilities through public GitHub issues.
- Navigate to the repository's Security tab
- Click "Report a vulnerability"
- Fill out the advisory form with details
- Submit the report
Email security concerns to: security@organvm.dev
Include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
| Timeline | Action |
|---|---|
| Within 48 hours | Acknowledgment |
| Within 7 days | Assessment and severity classification |
| Within 30 days | Fix deployed (critical/high severity) |
- Never commit secrets, API keys, or credentials
- Use environment variables for sensitive configuration
- Keep dependencies updated
- Follow secure coding practices per CONTRIBUTING.md
Part of the organvm eight-organ system Last updated: 2026-02-10