Skip to content

Security: Spitfire-Cowboy/talos

SECURITY.md

Security Policy

Reporting a security issue

Do not open a public GitHub issue for suspected security problems.

Use a non-public contact method associated with the repository maintainer.

Include, when available:

  • a description of the issue
  • affected files or areas
  • reproduction details
  • potential impact

Current scope

This repository currently contains the Talos Python scoring core, tests, and supporting documentation.

Report privately if you find:

  • exposed secrets or credentials
  • non-public references or URLs
  • unsafe workflow or automation configuration
  • security-sensitive behavior in the public package or CLI
  • other security-sensitive repository content

Public disclosure

Do not disclose a suspected vulnerability publicly before maintainer review.

There aren't any published security advisories