Skip to content

Security: BruceL017/surface-guard

Security

SECURITY.md

Security Policy

Surface Guard is a privacy research extension for defensive fingerprint reduction. Please report security issues privately before public disclosure.

Supported Versions

Only the current main branch is supported before the first stable release.

Reporting a Vulnerability

Open a private security advisory on GitHub if available, or contact the maintainers through the repository owner. Include:

  • A clear description of the issue and affected files.
  • Steps to reproduce.
  • Whether the issue can leak seed, salt, policy, page data, or raw fingerprint values.
  • Whether the issue adds host permissions, external network behavior, remote scripts, or page-boundary leakage.

Do not include exploit guidance for no anti-sybil bypass, no risk-control evasion, no anti-cheat evasion, no bulk accounts, or any claim of no promise of undetectability.

Security Boundaries

Fresh installs must remain inert. The extension must not declare default host permissions, static content scripts, web accessible resources, telemetry, remote config, or external network exfiltration. Optional host access and an enabled policy are required before protections run.

There aren't any published security advisories