Security

SECURITY.md

Security Policy

Reporting a Vulnerability

Security is a top priority for AIR Blackbox. If you discover a security vulnerability, please report it responsibly.

How to Report

Email security@airblackbox.ai or jason@airblackbox.ai directly.

Include:

Description: Clear explanation of the vulnerability
Impact: What could an attacker do?
Affected Versions: Which versions are affected?
Steps to Reproduce: How to reproduce the issue
Proof of Concept: Code or detailed proof (optional)

Response Timeline

Initial Response: Within 24 hours
Full Response: Within 48 hours
Critical Fix: Within 7 days
High Fix: Within 14 days
Medium/Low Fix: Within 30 days or next release

Responsible Disclosure

Do not publicly disclose until a fix is available
Do not exploit beyond proof of concept
Allow time for us to develop and test a fix

Supported Versions

Current Release: Full support
Previous Minor Version: Critical and high-severity patches
Older Versions: Critical patches on case-by-case basis

Contact

Security Email: security@airblackbox.ai
General Contact: jason@airblackbox.ai
Website: https://airblackbox.ai

Thank you for helping keep AIR Blackbox secure!

There aren’t any published security advisories