Skip to content

Security: IbrokhimN/IJAI

Security

SECURITY.md

IJAI Security Policy

Supported Versions

We provide security updates and patches only for actively maintained versions of IJAI.

Version Supported
main / latest
older releases ❌ (please upgrade to the latest version)

Reporting a Vulnerability

If you discover a security vulnerability, please do not open a public issue.

Instead, send a responsible disclosure to:
yan.bragin10@gmail.com

Please include the following details:

  • A description of the vulnerability
  • Steps to reproduce
  • The potential impact
  • Any possible mitigation or fix (optional)

We will:

  • Acknowledge your report within 48 hours
  • Provide status updates within 7 days
  • Credit you publicly (if desired) once the issue is resolved

Our Security Principles

  1. Transparency — we openly communicate about fixed vulnerabilities.
  2. Confidentiality — all reports are kept private until resolved.
  3. Integrity — we verify all patches and dependency updates.
  4. Responsibility — we prioritize user and contributor safety.

Recommendations for Users

To keep your IJAI installation secure:

  1. Always run the latest stable version.
  2. Avoid exposing internal endpoints publicly.
  3. Use strong authentication and isolated environments.
  4. Never commit API keys, tokens, or model secrets.
  5. Validate third-party extensions before using them.

Appreciation

Security is a shared responsibility.
Thank you for helping us keep IJAI safe for everyone in the AI community.

"Strong intelligence deserves strong protection."

There aren't any published security advisories