Skip to content

Security: vahapogut/Aegis-Security

Security

SECURITY.md

Security Policy

Supported Versions

Aegis is an active open-source project. Currently, only the latest v1.x branch receives security updates.

Version Supported
v1.x.x
< 1.0

Reporting a Vulnerability or False Positive

If you discover a false positive, a security issue in Aegis itself, or a critical bypass where an AI anti-pattern goes undetected, please do not open a public issue immediately.

Instead, we ask that you report it privately to ensure the integrity of the tool and the community.

  1. Email the core team at info@ipeclabs.com.
  2. Include the following in your report:
    • A description of the vulnerability or false positive.
    • The Aegis version you are using.
    • The exact code snippet that triggers (or fails to trigger) the issue.
    • Steps to reproduce.

You should receive a response within 48 hours. We take security and precision very seriously and will work with you to patch the rule engine.

Thank you for helping keep the AI-era secure coding infrastructure safe!

There aren't any published security advisories