If you discover a security vulnerability in the SoulACP protocol specification or reference implementations, please report it responsibly through GitHub's private security advisory channel:
Report a vulnerability on GitHub
This keeps the report private until a fix is released and coordinated disclosure is complete.
Please include:
- Description of the vulnerability
- Steps to reproduce (if applicable)
- Potential impact assessment
- Suggested fix (if any)
- Acknowledgment: Within 48 hours
- Initial Assessment: Within 7 days
- Resolution Plan: Within 14 days
This security policy covers:
- The SoulACP protocol specification (
specification/SoulACP_Protocol.md) - The SoulACP quality standards (
specification/standards/) - The SoulACP proto definition (
specification/aiap.proto) - Official documentation and examples
We follow a coordinated disclosure process. Please do not publicly disclose vulnerabilities until a fix has been released and announced.
Align Axiom 0: Human Sovereignty and Wellbeing. Version: SoulACP V0.1.2. www.soulacp.dev