Skip to content

Security: Prime-Innovators/primeinnovators.org

Security

SECURITY.md

Security Policy

We take security seriously at Prime Innovators. If you believe you have found a security vulnerability, we appreciate your help in reporting it to us privately so that we can address it responsibly.

Please do NOT open a public issue on GitHub for security-sensitive bugs.


Supported Versions

Currently, we support and actively patch only the latest version deployed on the main branch of this repository.

Version Supported
1.x.x
< 1.0.0

Reporting a Vulnerability

If you discover a vulnerability:

  1. Email us privately at security@primeinnovators.org.
  2. Include as much detail as possible to help us reproduce and understand the issue:
    • Type of vulnerability (e.g., XSS, CSRF, sensitive data exposure).
    • Step-by-step instructions to reproduce the issue.
    • Any proof-of-concept scripts or screenshots.
    • Affected pages, endpoints, or components.
  3. Allow us up to 48 hours to acknowledge your report.
  4. We will investigate the issue and coordinate a patch or mitigation. Once resolved, we will publish the fix and credit you for the discovery (if desired).

What to Avoid

To protect our users and community, please avoid the following actions:

  • Executing denial of service (DoS) attacks or automated vulnerability scans that could degrade or disrupt our services.
  • Accessing or modifying user data without authorization.
  • Demanding compensation (bug bounties) in exchange for disclosing a security bug. Prime Innovators is a non-profit, volunteer-driven open-source initiative, and we do not have an active financial bounty program at this time.

Thank you for helping keep Prime Innovators secure for everyone! 🛡️

There aren't any published security advisories