Skip to content

Security: Vigilant-LLC/runner-guard

SECURITY.md

Security Policy

Reporting a Vulnerability

If you discover a security vulnerability in Runner Guard, please report it through GitHub's private vulnerability reporting:

Report a vulnerability

Do not open a public GitHub issue for security vulnerabilities.

We will acknowledge receipt within 24 hours and provide an initial assessment within 72 hours.

Supported Versions

Version Supported
3.x Yes
2.x Security fixes only
< 2.0 No

Scope

This policy covers:

  • The Runner Guard CLI tool
  • The Runner Guard GitHub Action
  • The Runner Guard Docker image
  • Detection rules and threat signatures

Recognition

We appreciate responsible disclosure and will credit reporters in release notes unless anonymity is requested.

There aren't any published security advisories