If you discover a security vulnerability in any OpenA2A project, please report it responsibly.
Email: security@opena2a.org
Please include:
- Description of the vulnerability
- Steps to reproduce
- Affected tool/version
- Potential impact
We will acknowledge receipt within 48 hours and provide a timeline for remediation.
This policy covers all repositories under the opena2a-org GitHub organization.