Skip to content

Latest commit

 

History

History
34 lines (21 loc) · 774 Bytes

File metadata and controls

34 lines (21 loc) · 774 Bytes

Security Policy

Supported scope

This repository contains the OSS desktop workspace and runtime stack.

We treat these classes of issues as security-sensitive:

  • credential, token, or secret exposure
  • remote code execution
  • sandbox escape or privilege escalation
  • auth bypass
  • unsafe default configuration that exposes a local runtime or user data

Reporting

Do not file public GitHub issues for security vulnerabilities.

Report vulnerabilities privately to:

  • admin@holaboss.ai

Include:

  • affected commit or release
  • reproduction steps
  • impact assessment
  • any proposed mitigations if you have them

We will acknowledge receipt and triage privately.

Disclosure

Please give us reasonable time to validate and fix issues before public disclosure.