Skip to content

Security: Syncrobotic/.github

Security

SECURITY.md

πŸ”’ Security Policy

We take the security of SyncRobotic systems seriously. Thank you for helping keep our platform and users safe.

Reporting a vulnerability

Please do not open a public issue for security problems. Public disclosure before a fix puts users at risk.

Report privately through either channel:

  1. GitHub private advisory (preferred) β€” on the affected repository, go to Security β†’ Advisories β†’ Report a vulnerability. This opens a private thread with the maintainers.
  2. Email β€” security@syncrobotic.com with the details below.

Please include:

  • A description of the vulnerability and its impact.
  • Steps to reproduce (proof-of-concept if possible).
  • Affected repository, version/commit, and environment.
  • Any suggested remediation.

What to expect

Stage Target
Acknowledgement of your report within 3 business days
Initial assessment & severity triage within 7 business days
Fix or mitigation plan communicated after triage, based on severity

We'll keep you updated through the process and credit you (if you wish) once the issue is resolved.

Responsible disclosure

  • Give us reasonable time to investigate and remediate before any public disclosure.
  • Do not access, modify, or delete data that isn't yours, and avoid privacy violations, service degradation, or data destruction while testing.
  • Act in good faith β€” we won't pursue action against researchers who follow this policy.

Scope

This policy covers repositories under the Syncrobotic organization. For anything else, email us and we'll route it.

There aren't any published security advisories