Skip to content

Security: Anakin-Inc/anakin

Security

SECURITY.md

Security Policy

Supported Versions

Version Supported
Latest release Yes
Older releases No

We only provide security fixes for the latest release. Please upgrade to the latest version before reporting.

Reporting a Vulnerability

Do NOT open a public GitHub issue for security vulnerabilities.

Report via our Discord server with:

  • Description of the vulnerability
  • Steps to reproduce
  • Potential impact
  • Suggested fix (if any)

What to Expect

  • Acknowledgment within 48 hours
  • Assessment within 1 week
  • Fix within 90 days (critical vulnerabilities prioritized)
  • Credit in the release notes (unless you prefer to remain anonymous)

Scope

The following are in scope:

  • AnakinScraper server (server/)
  • Browser service (browser-service/)
  • Docker configuration
  • Default configurations that could lead to security issues

The following are out of scope:

  • Issues in third-party dependencies (report to the upstream project)
  • Issues that require physical access to the server
  • Social engineering attacks

There aren't any published security advisories