If you discover a security vulnerability in GSF, please report it responsibly.
- 📧 Email: hello@gsf.community
- Subject: [SECURITY] Vulnerability Report
Please include:
- Description of the issue
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
We aim to respond within 48 hours.
Currently supported versions:
| Version | Supported |
|---|---|
| Latest | ✅ Yes |
| Older versions | ❌ No |
Please do not:
- Open public GitHub issues for security vulnerabilities
- Share exploits publicly before resolution
We follow:
- Secure authentication flows
- Input validation and sanitization
- Environment variable protection
- HTTPS-only deployment (via Vercel)
- Dependency monitoring
This includes:
- Authentication system
- API endpoints
- Payment & equity transaction flows
- User data handling
We appreciate ethical hackers and researchers helping improve GSF.
Valid reports may be acknowledged publicly (with your consent).
By reporting vulnerabilities, you agree:
- Not to exploit the issue
- Not to access user data beyond necessity
- To act in good faith
GSF is committed to building a secure platform for founders worldwide.