If you discover a security vulnerability in the CRAFT Framework, please report it responsibly. Do not open a public GitHub Issue.
Contact us directly through the CRAFTFramework.ai website:
- Website: CRAFTFramework.ai
- Email: security@craftframework.ai
- A description of the vulnerability
- Steps to reproduce the issue
- The potential impact
- Any suggested fixes (optional but appreciated)
- Acknowledgment: Within 48 hours of your report
- Assessment: Within 7 days
- Resolution: Dependent on severity, but we aim for prompt fixes
This policy covers the CRAFT Framework files distributed through this repository and via CRAFTFramework.ai. It does not cover third-party tools, Claude Desktop, or Anthropic's services.
| Version | Supported |
|---|---|
| v0.b0326a1 (Beta) | Yes |
We appreciate responsible disclosure and will credit reporters (with permission) in our changelog when vulnerabilities are fixed.