| Version | Supported |
|---|---|
| 1.x | ✅ |
| < 1.0 | ❌ |

If you discover a security vulnerability in Noxaudit, please report it responsibly.
Do not open a public GitHub issue for security vulnerabilities.
Instead, email security@atriumn.com with:
- A description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fix (optional)

We will acknowledge receipt within 48 hours and aim to provide a fix or mitigation within 7 days for critical issues.

This policy covers the Noxaudit CLI tool and GitHub Action. It does not cover findings generated by the AI auditor (those are suggestions, not guarantees).