Skip to content

Security: Sw7lProjects/.github

Security

SECURITY.md

Security Policy

Security reports should be private.

Email support@abuswe7l.com if you find a vulnerability in a Sw7l Projects repository, bot, website, API, deployment flow, or automation script.

Do Not Post Publicly

Don't open a public GitHub issue with:

  • Secrets, tokens, API keys, private keys, or .env values
  • Exploit steps that can be copied directly
  • Screenshots showing private server data
  • Production URLs, admin paths, or credentials that aren't already public

What to Include

  • Affected repository or service
  • Clear reproduction steps
  • Expected impact
  • Affected user, bot, API, or Discord workflow
  • Safe proof of concept if available
  • Your contact method for follow-up

Scope

In scope:

  • Public Sw7l Projects repositories
  • AbuSwe7l community tooling owned by Sw7l Projects
  • Bots, APIs, dashboards, automation, and deployment workflows maintained by the team

Out of scope:

  • Social engineering
  • Spam, denial-of-service, or destructive testing
  • Attacks against third-party services we don't control
  • Testing that exposes private user data without permission

Safe Research

Security, cryptography, and steganography experiments in this organization are educational unless a repository explicitly says the work is production-safe.

There aren't any published security advisories