Contact: mailto:security@llmrelevance.com
Expires: 2027-12-31T23:59:59.000Z
Preferred-Languages: en
Canonical: https://www.llmrelevance.com/.well-known/security.txt

At LLM Relevance, we consider the security of our systems a top priority. If you discover a vulnerability, we would like to know about it so we can take steps to address it as quickly as possible.

## Reporting Guidelines

Please report security vulnerabilities to: security@llmrelevance.com

Include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)

## What We Promise

- We will respond to your report within 5 business days
- We will handle your report with strict confidentiality
- We will keep you informed of progress toward resolving the issue
- We will credit you as the discoverer (unless you prefer otherwise)

## Out of Scope

- Clickjacking on pages with no sensitive actions
- Unauthenticated/logout/login CSRF
- Attacks requiring MITM or physical access to a user's device
- Attacks requiring social engineering
- Any activity that could lead to service disruption (DoS)
- Content spoofing without showing an attack vector
- Email spoofing
- Missing security headers (DNSSEC, CAA, CSP)
- Dead links

## Testing Guidelines

- Do not run automated scanners without prior notification
- Do not take advantage of vulnerabilities you discover
- Do not access or modify data beyond what's necessary to demonstrate the vulnerability
- Do not publicly disclose vulnerabilities before we've had a chance to address them

Thank you for helping keep LLM Relevance Directory secure.