Thank you for helping keep Orion AI Workspace secure!
This document explains how to report security vulnerabilities and how we handle them.
If you discover a security issue, please do not create a public GitHub issue. Instead, report it privately to our security team:
- Email: security@orionaiworkspace.tech
- Include:
- A clear description of the vulnerability
- Steps to reproduce
- Potential impact
- Any relevant screenshots, logs, or proof-of-concept code
We will acknowledge your report within 48 hours and provide updates as we work on a fix.
This policy applies to all versions of Orion AI Workspace, including beta and pre-release versions.
- Verify and assess the reported vulnerability.
- Communicate with the reporter about severity and mitigation.
- Provide a timeline for a patch or update.
- Publicly disclose the issue only after it has been resolved, unless agreed otherwise with the reporter.
- Use strong, unique passwords for your workspace accounts.
- Keep your API keys private and do not share them publicly.
- Only access Orion AI Workspace via official links and the authenticated portal.
We appreciate responsible security reporting. All researchers and users who report vulnerabilities may be acknowledged in our security acknowledgments page (optional and with permission).
By using Orion AI Workspace, you agree to follow this security reporting process.