Skip to content

Security: WeVibe-Network/wevibe-opencode-plugin

Security

SECURITY.md

Security Policy

Reporting a vulnerability

The WeVibe Network is in pre-production alpha. We take security seriously and welcome responsible disclosure.

Do not file public GitHub issues for security vulnerabilities.

Please email security reports to: security@wevibe.network

Include:

  • Description of the vulnerability
  • Steps to reproduce
  • Affected component(s)
  • Suggested mitigation (if any)

We will acknowledge receipt within 72 hours and provide a status update within 7 days.

Supported versions

During alpha, only the latest commit on main of each repository receives security updates.

Scope

In scope:

  • All code in github.com/WeVibe-Network/*
  • Protocol design flaws
  • Cryptographic weaknesses

Out of scope:

  • Third-party dependencies (report upstream)
  • Denial of service from a single client
  • Issues requiring physical access

There aren't any published security advisories