Last Updated: November 19, 2024

We take security seriously at DevAssist Bot. If you discover a security vulnerability, please follow these steps:

1. DO NOT create a public GitHub issue
2. Email me at mantejarora@gmail.com
3. Include detailed information about the vulnerability
4. We will acknowledge receipt within 24 hours
5. We will provide a detailed response within 72 hours
6. We will work with you to verify and fix the issue

• All API endpoints use HTTPS
• Sensitive data is encrypted at rest
• Regular security audits
• Automated vulnerability scanning
• Rate limiting on all endpoints
• Input validation and sanitization

1. Keep your API keys secure
2. Use environment variables
3. Regular token rotation
4. Monitor for suspicious activity
5. Keep dependencies updated

We offer rewards for responsible disclosure:

• Critical vulnerabilities: $200
• High severity: $100
• Medium severity: $50

Email PGP Key: Download #will be added soon