This page is the evergreen security statement for community safety and impersonation defense.
Scammers may impersonate ZeroClaw maintainers, contributors, or community members.
Assume fraud if someone claiming to represent ZeroClaw asks for:
- cryptocurrency transfers
- wallet access or seed phrases
- private financial information
- private credentials outside official security reporting flow
ZeroClaw maintainers do not request money or private wallet/financial credentials via direct messages.
Use these sources to verify announcements:
- GitHub repository:
zeroclaw-labs/zeroclaw - GitHub Security policy and advisories: ../../SECURITY.md
Treat third-party links and social posts as untrusted until confirmed in the GitHub repository.
- Check whether the same announcement exists in GitHub issues, PRs, releases, or docs.
- Confirm the posting account is an expected project maintainer/org account.
- Prefer links that originate from repository pages rather than forwarded DMs.
If you see impersonation attempts or scam outreach:
- Do not engage or send funds/data.
- Capture evidence (screenshots, usernames, URLs, timestamps).
- Open a GitHub issue in
zeroclaw-labs/zeroclawwith sanitized details.
For vulnerability disclosure, use private reporting:
- Security policy: ../../SECURITY.md
- Private report template: private-vulnerability-report-template.md