
Security: wesleysimplicio/simplicio-prompt


SECURITY.md

Security Policy

Supported versions

simplicio-prompt releases follow SemVer. Security fixes ship on the latest minor; older minors do not receive backports unless explicitly called out in CHANGELOG.md.

Version          | Receives security fixes
1.13.x (current) | Yes
1.12.x           | Best effort until 1.14.x ships
< 1.12           | No

Both distribution channels (PyPI simplicio-prompt and npm simplicio-prompt) are kept in lockstep — a security release means new versions on both registries.

Reporting a vulnerability

Do not open a public GitHub issue or PR for a vulnerability. Public disclosure before a fix is shipped puts users at risk.

Instead, use one of these private channels:

  1. GitHub private advisory — preferred. Open at https://github.com/wesleysimplicio/simplicio-prompt/security/advisories/new. This routes only to maintainers and gives us a private workspace to triage and prepare a fix.
  2. Email wesleybob4@gmail.com with subject [simplicio-prompt security]. A PGP key is available on request before sending sensitive payloads.

When you report, please include:

  • A minimal proof-of-concept (repro steps, sample input, expected vs. observed behavior).
  • The affected version(s).
  • Your assessment of impact (confidentiality / integrity / availability, who is exposed, and whether the issue is exploitable in default configurations).
  • Whether you have already shared the report with anyone else.

What to expect

  • Acknowledgement within 3 business days.
  • Initial triage (confirmation or follow-up questions) within 7 business days.
  • Fix timeline depends on severity; critical issues are released out-of-band, others ride the next scheduled minor.
  • We will credit you in the release notes unless you ask otherwise. If a CVE is appropriate, we will request one and share the identifier.

Out of scope

The runtime is deliberately dependency-free in the Python kernel, and the optional Rust extension is a clearly bounded surface. Reports about the following are not considered vulnerabilities:

  • Behavior produced by an LLM provider you have configured (we do not audit upstream model outputs).
  • Prompt-injection inside content the user already controls when they explicitly opt into a custom prompt_builder / system payload.
  • DoS achieved by passing extreme parameters (--subagents 10**9) — we ship safe defaults and an --overall-timeout-s knob; users on shared infrastructure should set them.
  • Vulnerabilities in optional dependencies (orjson, maturin-built Rust extension) that are not introduced by us — please report those upstream.

Coordinated disclosure

For high-severity issues we prefer coordinated disclosure with a fix window of up to 90 days from acknowledgement, extendable by mutual agreement if the fix is non-trivial. After that window, or after a fix ships (whichever comes first), the advisory and PoC become public.

Thank you for helping keep simplicio-prompt and its users safe.

There aren't any published security advisories