If you discover a security issue in any ROLV Primitive© artifact — including this repository, rolv.ai, the public benchmark API at HuggingFace Space rolvai/benchmark, or any evaluation container distributed under NDA — please report it privately.

Email: rolv@rolv.ai

Please include:

• A description of the issue
• Steps to reproduce (if applicable)
• The affected component (website, HuggingFace Space, evaluation container, documentation, etc.)
• Your contact information so we can follow up

We aim to acknowledge every report within 48 hours and to provide a substantive response within 7 days.

Please do not open public GitHub issues for suspected security vulnerabilities. We handle disclosures privately until a fix is in place, at which point we will credit the reporter if desired.

This policy applies to:

• This repository (rolvai/rolv)
• The rolv.ai website and its benchmark flow
• The public benchmark backend at huggingface.co/spaces/rolvai/benchmark
• Any ROLV Primitive© evaluation container distributed to NDA partners
• The RolvKey™ authentication and attestation system

Responsible disclosure is appreciated and will be acknowledged.

• Social engineering attacks against ROLV LLC employees or contractors
• Denial of service attacks requiring unreasonable traffic volume
• Vulnerabilities in third-party services we integrate with (please report those to the respective service)
• Issues affecting unsupported legacy versions of evaluation containers that have been superseded

ROLV LLC · Fort Lauderdale, FL · rolv@rolv.ai