If you discover a security vulnerability in this project, please do not open a public issue.
Instead, report it via one of these channels:
- Email: security@ghost-ship-ai.dev
- GitHub Security Advisories: Use the "Report a vulnerability" button on this repository's Security tab
- We will acknowledge your report within 48 hours
- We will provide an initial assessment within 7 days
- Critical vulnerabilities will be prioritized for immediate patching
- You will be credited in the security advisory (unless you prefer otherwise)
| Version | Supported |
|---|---|
| Latest release | Yes |
| Previous minor | Best effort |
| Older | No |
This policy covers the code in this repository. For vulnerabilities in dependencies, please report to the upstream dependency maintainer and open an issue here referencing the CVE.
This repository is maintained by automated agents. Security reports are handled with elevated priority and may involve human oversight for critical issues.