Skip to content

Security: Design-Enginnering/made-in.app

Security

SECURITY.md

Security

This document is for security vulnerabilities in the project's code or infrastructure, for example, validation bypasses, deploy-script bugs, or secrets exposure.

Scope

In scope: vulnerabilities in the validation logic, the deploy workflow, the DNS-sync script, or abuse vectors that allow bypassing the registration controls.

Out of scope: the contents of user-controlled subdomains, which are the responsibility of the subdomain owner.

Reporting abusive subdomain content

Do not email administrator@made-in.app for abusive subdomain content. Open a report-abuse issue against this repository — see CONTRIBUTING.md for the workflow.

There aren't any published security advisories