We take security seriously at Prime Innovators. If you believe you have found a security vulnerability, we appreciate your help in reporting it to us privately so that we can address it responsibly.
Please do NOT open a public issue on GitHub for security-sensitive bugs.
Currently, we support and actively patch only the latest version deployed on the main branch of this repository.
| Version | Supported |
|---|---|
| 1.x.x | ✅ |
| < 1.0.0 | ❌ |
If you discover a vulnerability:
- Email us privately at security@primeinnovators.org.
- Include as much detail as possible to help us reproduce and understand the issue:
- Type of vulnerability (e.g., XSS, CSRF, sensitive data exposure).
- Step-by-step instructions to reproduce the issue.
- Any proof-of-concept scripts or screenshots.
- Affected pages, endpoints, or components.
- Allow us up to 48 hours to acknowledge your report.
- We will investigate the issue and coordinate a patch or mitigation. Once resolved, we will publish the fix and credit you for the discovery (if desired).
To protect our users and community, please avoid the following actions:
- Executing denial of service (DoS) attacks or automated vulnerability scans that could degrade or disrupt our services.
- Accessing or modifying user data without authorization.
- Demanding compensation (bug bounties) in exchange for disclosing a security bug. Prime Innovators is a non-profit, volunteer-driven open-source initiative, and we do not have an active financial bounty program at this time.
Thank you for helping keep Prime Innovators secure for everyone! 🛡️