# Security Policy

## Reporting a Vulnerability

If you discover a security vulnerability, we would like to know about it so we can take steps to address it as quickly as possible. Please report any security vulnerabilities to us by writing an email to [aiko@aitsys.dev](mailto:aiko@aitsys.dev) or by opening a ticket in our Discord server.

## Responsible Disclosure

We believe in responsible disclosure. Please give us adequate time to investigate and mitigate an issue before publicly disclosing any security vulnerabilities. This helps protect our users and ensure the issue is properly addressed.

## Enforcement

We take security seriously at AITSYS. Attempts to flood or overload our systems, or any other form of attack, will not be tolerated and will be met with strict enforcement actions, including potential bans.

## Acknowledgment

By contributing to this project, you agree to abide by this Security Policy and understand that violations may result in enforcement actions, including bans or removal from the community.

## AI Policy

We do not grant any permission to use AI tooling to find possible vulnerabilities on our infrastructure. If this rule is broken we will take legal actions.

## Bug Bounty

Due to being an open-source-only developer group we cannot afford any bug bounty programs. The most we can do is noting down the name of the reporters in our gist.

## Info For .well-known/security.txt

Cloudflare hard-cached our security.txt which means it's outdated. 

The following should be considered active:
```
Contact: mailto:aiko@aitsys.dev
Encryption: https://gist.githubusercontent.com/Lulalaby/6e03b3f83ddb023d3688ea29e3726712/raw/6d3549886ccbdb934df289cd203efd374ae9caec/pgp-key.txt
Acknowledgments: https://gist.github.com/Lulalaby/c5aeb361289b8e97130aa838e5ea9248
AITSYS Policy: https://raw.githubusercontent.com/Aiko-IT-Systems/.github/main/SECURITY.md
Pycord Policy: https://raw.githubusercontent.com/Pycord-Development/.github/main/SECURITY.md
Preferred-Languages: en
Expires: 2030-12-31T23:59:00Z
```