Security

SECURITY.md

Security Policy

Reporting a Vulnerability

If you discover a security vulnerability in the AIAP protocol specification or reference implementations, please report it responsibly.

Email: security@aiap.dev

Please include:

Description of the vulnerability
Steps to reproduce (if applicable)
Potential impact assessment
Suggested fix (if any)

Response Timeline

Acknowledgment: Within 48 hours
Initial Assessment: Within 7 days
Resolution Plan: Within 14 days

Scope

This security policy covers:

The AIAP protocol specification (specification/AIAP_Protocol.md)
The AIAP quality standards (specification/standards/)
The AIAP proto definition (specification/aiap.proto)
Official documentation and examples

Coordinated Disclosure

We follow a coordinated disclosure process. Please do not publicly disclose vulnerabilities until a fix has been released and announced.

There aren’t any published security advisories