If you discover a security vulnerability in MOISSCode, please report it responsibly.
Email: dev@aethryva.com
What to include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
Response timeline:
- Acknowledgment within 48 hours
- Initial assessment within 5 business days
- Fix or mitigation plan within 30 days for confirmed vulnerabilities
This policy covers:
- The MOISSCode language runtime (lexer, parser, interpreter)
- The Python SDK and CLI
- The REST API server
- The documentation website (moisscode.com)
MOISSCode is a research tool and is not approved for clinical decision-making. Security reports related to clinical safety should still be reported, as they help improve the software for research use.
| Version | Supported |
|---|---|
| 3.x.x | Yes |
| 1.x.x | No |