Security & responsible disclosure.

• →Please report security issues privately via email at [email protected].
• →Do not open public GitHub issues for sensitive findings.

• →A clear description of the issue.
• →Steps to reproduce, if possible.
• →Any potential impact you see.

• →We aim to acknowledge reports within 72 hours.
• →We will provide a timeline for remediation where applicable.
• →Once a fix is available, we may credit reporters (optional).

This policy applies to all NullRabbit OSS repositories under the nullrabbitlabs organization, including scanners, orchestrators, data models, and research repos.

• →Code is released under the MIT License.
• →"NullRabbit" is a trademark of Polkaspots Ltd.