Security: systemslabs/.github

Security Policy

Security Overview

SystemsLabs promotes ethical security research and coordinated disclosures. If you find a security issue in any SystemsLabs project, kindly notify us privately for investigation and resolution.


Supported Versions

Version Supported
latest
< latest

Reporting a Vulnerability

Email: security@systemslabs.dev

Alternatively, use GitHub Private Security Advisories.

Please report vulnerabilities privately and include:

  • Issue description
  • Steps to reproduce the issue
  • Affected project or module
  • Potential impact, where applicable

Kindly refrain from any public announcements until a solution is found.


What Not To Do

Don'ts:

  • Publicly disclose vulnerabilities without coordination
  • Engage in any form of social engineering
  • Test your skills via denial-of-service attacks
  • Access, modify, or exfiltrate data that is not yours
  • Perform unauthorized access to systems or accounts

Response Process

SystemsLabs aims to:

  1. Acknowledge reports according to the SLA below.
  2. Investigate the issue.
  3. Work on mitigations.
  4. Coordinate disclosure after the issue is resolved.

Response SLA

Severity | Acknowledge | Patch Target
Critical | 24 hours    | 7 days
High     | 48 hours    | 14 days
Medium   | 5 days      | 30 days
Low      | 10 days     | 90 days

Disclosure Policy

Coordination enables responsible disclosure. An issue may be publicly announced only after it has been addressed.


Scope

The policy applies to SystemsLabs repositories, documents, automation, and any project-related infrastructure.
