mcpscope / SECURITY.md
Syntho's picture
Upload folder using huggingface_hub
5aa5d28 verified
|
Raw
History Blame Contribute Delete
757 Bytes
# Security Policy
## Reporting a Vulnerability
If you discover a security vulnerability in MCP-Scope, please report it privately.
**Do not create a public GitHub issue.**
Send details to: **carlos@aiagentobservatory.org**
Please include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested mitigation (optional)
We will acknowledge receipt within 48 hours and provide a timeline for a fix.
## Scope
- The web dashboard (FastAPI)
- The REST API
- CLI commands that process external input
- Dependencies with known CVEs
## Out of Scope
- The SQLite database file (local by default)
- Scanner tools that MCP-Scope wraps (report issues to their respective projects)
## Preferred Languages
English or Spanish.