Preferred: Use GitHub Security Advisories to report vulnerabilities privately.

Alternative: Email protoscience@anulum.li with:

1. Description of the vulnerability
2. Steps to reproduce
3. Impact assessment (which components are affected)
4. Suggested severity (Critical / High / Medium / Low)

We follow CVSS v3.1 scoring:

SPO operates in environments ranging from research simulations to safety-critical control systems. The threat model covers:

• Binding specifications: validated against JSON schema at load time. Malformed YAML cannot reach the engine.
• Phase arrays: checked for finite values, correct dimensions. NaN/Inf inputs are rejected by the Rust kernel.
• Coupling matrices: validated for shape, diagonal zeros, and non-negativity (where required by geometry constraints).

• SHA256 hash chain: each audit record includes the hash of the previous record. Tampering with any record breaks the chain.
• Replay verification: deterministic replay detects divergences from the audit trail, catching both tampering and non-determinism.

• All CI dependencies are SHA-pinned (not floating tags).
• Bandit security scanner runs on every commit (pre-commit + CI).
• Ruff linter flags common security anti-patterns.
• No eval(), exec(), or pickle.loads() in the codebase.

• Rate limits: actuation layer enforces maximum parameter change per step, preventing discontinuous jumps that destabilise dynamics.
• Regime FSM: hard violations force CRITICAL regime regardless of supervisor policy, preventing unsafe control actions.
• Boundary observer: monitors safety limits independently of the supervisor, providing defense-in-depth.

• Do not disclose publicly before a fix is released.
• We will credit reporters in the CHANGELOG unless anonymity is requested.
• Security advisories are published via GitHub after the fix is available.
• CVE identifiers are requested for Critical and High severity issues.

Email: protoscience@anulum.li GitHub Security Advisories: Report here PGP: Available on request for encrypted communication.