Security

Report a vulnerability

SECURITY.MD

Security Policy

Supported Versions

WIB Project is currently a prototype (v0.1). Updates and fixes are provided on a best-effort basis.

Reporting a Vulnerability

If you discover a vulnerability:

Do not open a public GitHub issue.
Contact the maintainer directly at: [your email or contact link here].
Please include steps to reproduce, environment details, and any proof-of-concept.

Sensitive Data Warning

Baseline archives contain:

Installed programs
Certificates
Driver and service lists
User and group information

Do not share your baseline archives publicly.
They are intended for private forensic and integrity purposes only.

Commitments

All security issues reported privately will be acknowledged within 7 days.
Fixes or mitigations will be prioritized and documented in the project changelog.
No telemetry, tracking, or cloud requirements will ever be added.

MIT License

Copyright (c) 2025 Verity

There aren't any published security advisories