如果你发现 NebulaKB 的安全问题,请不要公开提交 Issue。
请通过以下渠道私下联系维护者:
- Email:
security@nebulakb.ai - GitHub Security Advisories:
https://github.com/however-yir/nebula-kb/security/advisories - 备选渠道(普通问题,不含漏洞细节):
https://github.com/however-yir/nebula-kb/issues
When you discover a security vulnerability in NebulaKB, please do not report it publicly first.
Private reporting channels:
- Email:
security@nebulakb.ai - GitHub Security Advisories:
https://github.com/however-yir/nebula-kb/security/advisories - Fallback (non-sensitive communication only):
https://github.com/however-yir/nebula-kb/issues
- We will acknowledge receipt within 72 hours.
- We will provide an initial triage within 7 days.
- We will coordinate a fix and disclosure timeline with the reporter.
我们会在 72 小时内确认收到,在 7 天内完成初步分级,并与报告人协同修复和披露计划。