| Version | Supported |
|---|---|
| 2.x | Yes |
| 0.1.x | Yes |
If you discover a security vulnerability in the ACP reference server, please report it responsibly.
Email: security@primoia.ai
Do NOT open a public GitHub issue for security vulnerabilities.
- Description of the vulnerability
- Steps to reproduce
- Environment (Node.js version, OS)
- Potential impact assessment
- 48 hours — We will acknowledge receipt of your report
- 7 days — We will provide an initial assessment and expected fix timeline
- 30 days — We aim to release a fix or mitigation
We will credit reporters in the changelog unless they prefer to remain anonymous.