Skip to content

Security: protectai/llm-guard

SECURITY.md

Security Policy

Reporting a Vulnerability

We take the security of our software products seriously, which includes not only the code base but also the scanners provided within. If you have found any issues that might have security implications, please send a report to [[email protected]].

Do NOT open an issue on the GitHub repository, as doing so makes it public knowledge.

Your report should include:

  • Description of the vulnerability
  • Steps to reproduce the issue

Scanner Vulnerabilities or Ideas for New Security Features

In addition to code vulnerabilities, we also welcome reporting of vulnerabilities in our scanners or sharing ideas for new security features. Your input is valuable in making the use of Large Language Models safer and more secure.

Please include the following in your report:

  • Description of the vulnerability or the new feature
  • Steps to reproduce the issue or a detailed explanation of the feature
  • If it's a new feature, any additional resources that can help understand it

Contributions

We appreciate your help in improving the security of our project. If you're interested in contributing more actively, please see our CONTRIBUTING.md for information on how to get started.

Our Commitment

After you've submitted a vulnerability, we are committed to addressing it in the following manner:

  1. We will confirm the receipt of your vulnerability report within 3 business days.
  2. We will investigate the issue and update you every week about our progress.
  3. We will acknowledge your contribution when we write about the issue, if you desire so.

Thanks for helping keep our project secure.

There aren’t any published security advisories