Skip to content

Security: SecrinLabs/secrin

Security

SECURITY.md

Security Policy

Contact: help@secrinlabs.com

If you find a security vulnerability in Secrin, please report it responsibly. We take security seriously and will respond as quickly as possible.

Report Guidelines

  • Email details with steps to reproduce.
  • Do not exploit or access data beyond what is required to demonstrate the issue.
  • Do not publicly disclose until we confirm a fix.

Out of Scope

  • Non-sensitive UI issues or dead links.
  • Clickjacking with no sensitive impact.
  • Issues requiring MITM or physical access.
  • DoS, automated scanning, or stress-testing attacks.
  • Email spoofing, missing headers, or low-impact cookie flags.

Our Commitment

  • We acknowledge reports within 3 business days.
  • We work fast to validate and resolve confirmed issues.
  • No legal action for good-faith research.
  • Credit is optional, we respect anonymity.

There aren’t any published security advisories