mirror of
https://github.com/x1xhlol/system-prompts-and-models-of-ai-tools.git
synced 2026-06-18 07:19:35 +00:00
21 lines
909 B
Markdown
21 lines
909 B
Markdown
# Security policy
|
|
|
|
## Reporting a vulnerability
|
|
|
|
Please **do not** open a public GitHub issue for security reports.
|
|
|
|
1. Open a **private security advisory** for this repository (GitHub → **Security** → **Advisories** → **Report a vulnerability**), or
|
|
2. Contact the repository maintainers through a private channel you already use for this project.
|
|
|
|
Include:
|
|
|
|
- A short description of the issue and affected components (paths or features).
|
|
- Steps to reproduce (proof-of-concept) if safe to share.
|
|
- Whether you believe the issue is actively exploitable in production.
|
|
|
|
We will aim to acknowledge receipt within a reasonable timeframe and coordinate remediation and disclosure.
|
|
|
|
## Secrets
|
|
|
|
Never commit real API keys, tokens, `DATABASE_URL`, or Moyasar keys. Use Railway variables and GitHub Actions secrets. See `dealix/docs/SECURITY_SECRET_ROTATION_CHECKLIST.md` if a secret may have been exposed.
|