ODEI takes security seriously because the system handles memory, decision context, and production agent infrastructure.

Security fixes are prioritized for currently active public ODEI surfaces, including:

• api.odei.ai
• odei.ai
• public ODEI GitHub repositories under odei-ai
• MCP and API integration surfaces maintained by the organization

Please report vulnerabilities privately.

Preferred channels:

1. GitHub Security Advisories on the affected repository
2. security@odei.ai

Please include:

• affected repository or surface
• clear description of the issue
• reproduction steps or proof of concept
• potential impact
• any mitigation ideas if you have them

• do not post live vulnerabilities in public issues
• do not publish secrets, tokens, or exploit details before coordination
• do not test aggressively against production systems

We will triage credible reports as quickly as possible and coordinate remediation and disclosure when appropriate.