| Repo | Support Status |
|---|---|
| blackroad-core | ✅ Active |
| blackroad-gateway | ✅ Active |
| blackroad-api | ✅ Active |
| blackroad-cli | ✅ Active |
| All others | ✅ Active |
Do not open public GitHub issues for security vulnerabilities.
Email: security@blackroad.ai
Include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact assessment
- Suggested fix (optional)
We respond within 72 hours and aim to patch critical issues within 7 days.
In scope:
- Authentication bypass
- Remote code execution
- Secrets exposure via API
- Agent privilege escalation
Out of scope:
- Theoretical attacks without proof of concept
- Social engineering
- Issues in third-party dependencies (report to upstream)
We follow coordinated disclosure — we'll work with you to validate and fix the issue before public disclosure.
© BlackRoad OS, Inc. All rights reserved.