Skip to content

Security: robonet-ai/.github

Security

SECURITY.md

Security policy

Reporting a vulnerability

Please do not disclose an unpatched vulnerability in a public issue, discussion, or pull request.

Use GitHub's Report a vulnerability option in the Security tab of the affected repository when it is available. Include:

  • the affected repository, revision, and component;
  • the impact and conditions required to reproduce it;
  • a minimal proof of concept or clear reproduction steps;
  • any suggested mitigation;
  • whether the issue has been disclosed elsewhere.

If private vulnerability reporting is not available for the affected repository, contact a RoboNet maintainer through their public GitHub profile and ask for a private reporting channel without including vulnerability details in the initial message.

We will acknowledge actionable reports, assess impact, and coordinate a fix and disclosure timeline. Please allow maintainers reasonable time to investigate before any public disclosure.

Scope

This policy covers code and hardware designs maintained in the robonet-ai organization. Third-party services, dependencies, robot firmware, headsets, and repositories linked but not maintained by RoboNet are outside our direct control; report those issues to their respective maintainers as well.

For ordinary bugs and support requests, use the relevant public issue tracker.

There aren't any published security advisories