Skip to content

Security

Reporting a Vulnerability

We take security seriously. If you discover a vulnerability, please follow these steps:

  1. Go to our Report a vulnerability page on GitHub
  2. Provide a clear description of the vulnerability
  3. Include steps to reproduce if possible
  4. Allow us time to investigate before public disclosure

Do not open a public issue for security vulnerabilities.

Response Timeline

  • Acknowledgment: Within 5 business days
  • Resolution target: 90 days from report

Scope

In Scope

  • claudeforge.vercel.app
  • GitHub repository code

Out of Scope

  • Third-party services
  • Supabase infrastructure
  • Vercel platform

Safe Harbor

We consider security research conducted in accordance with this policy to be authorized and will not pursue legal action against researchers who follow responsible disclosure practices.

Hall of Fame

No reports yet. Be the first responsible reporter!

This site publishes a security.txt file in compliance with RFC 9116.