Security Policy
Supported Versions
We maintain the latest main branch. Please ensure you are on a recent commit before reporting issues.
Reporting a Vulnerability
- Email:
hello@cogni-x.com - Alternatively, open a confidential issue labeled
security
Please include:
- A clear description and reproduction steps
- Impact and affected environments
- Suggested remediation if known
We aim to acknowledge within 72 hours and provide a fix or mitigation timeline after triage.
Scope
This policy covers:
- Inference and configuration misuse leading to unsafe behavior
- Data leakage, PII exposure, or privacy concerns
- License or attribution compliance issues
Responsible Disclosure
Do not publicly disclose vulnerabilities before coordinated release of a fix or mitigation. We appreciate your help keeping the community safe.