| Version | Supported |
|---|---|
| latest | ✅ |
We take security seriously. If you discover a security vulnerability, please follow these steps:
- Go to the Security tab of the affected repository
- Click "Report a vulnerability"
- Fill in the details and submit
This keeps the report private and allows us to collaborate on a fix before public disclosure.
If you cannot use GitHub Advisories, email us at security@cyberskill.world with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fix (optional)
| Stage | Timeline |
|---|---|
| Acknowledgment | Within 48 hours |
| Initial Assessment | Within 5 days |
| Fix & Release | Within 30 days |
- Please do not open a public issue for security vulnerabilities
- We will credit reporters in the release notes (unless anonymity is requested)
- We follow coordinated vulnerability disclosure
If you need to share sensitive details (exploit code, credentials, server info), you can encrypt your report:
- PGP: Request our public key by emailing
security@cyberskill.worldwith subject "PGP Key Request" - GitHub Security Advisories: The preferred method — GitHub handles encryption automatically