Have you discovered a bug, exploit, or safety issue in any Lackadaisical Security AI project? We appreciate responsible reporting.
- Sign your message with a PGP key:
My Public Key is available at: https://lackadaisical-security.com/
-
Send email to: admin@lackadaisical-security.com
-
Provide:
- Agent name (e.g. Lackadaisical-AI-Chat, LTES, etc.)
- Description of the vulnerability
- Steps to reproduce, versions affected
- Any proof-of-concept or logs
- Our acknowledgment: within 48 hours
- Disclosure status update: within 7 days
- Coordinated patch or mitigation plan: within 14 days
Confirmed issues will receive a CVE and remediation credits. We do not threaten legal action for ethical disclosures.
All vulnerability reports should be signed with a valid PGP key.
Our official key is associated with admin@lackadaisical-security.com and published at:
🔑 https://lackadaisical-security.com/Lackadaisical_public.asc Fingerprint: *0C52 9D5E B799 EBC2 7C11 C9A1 0502 B195 B75E 7C87
Even if your report is sent from a different email (e.g., security@ or support@), please use this key to verify or encrypt sensitive content. Only the admin key is used to decrypt disclosures.
:contentReference[oaicite:4]{index=4}