Skip to content

Security: Sentinel-Audits/sentinelaudit-oss

Security

SECURITY.md

Security Policy

If you believe you have found a security issue in SentinelAudit or any public component we publish, please report it privately.

Please Include

  • affected component or file path
  • impact summary
  • reproduction steps
  • proof-of-concept if available
  • any assumptions required for exploitation

Please Do Not

  • disclose vulnerabilities publicly before coordination
  • include secrets, tokens, or customer data in public issues

Scope Note

Some parts of SentinelAudit remain private product infrastructure. A public repository or extracted public package may not include all production controls or internal hardening layers. Reports are still welcome, but please note which public artifact or commit your finding applies to.

There aren't any published security advisories