| Version | Supported |
|---|---|
| v1.0.x (current) | Yes |
If you discover a security vulnerability in this repository, please report it responsibly.
- Email: Send a detailed report to security@originneural.ai
- Subject line:
[SECURITY] DSC-1-Spectral-Unity -- <brief description> - Include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact assessment
- Suggested fix (if any)
- Acknowledgment: Within 48 hours
- Initial assessment: Within 5 business days
- Resolution timeline: Depends on severity; critical issues patched within 72 hours
This repository contains research data and validation scripts. The primary security concerns are:
| Area | Concern |
|---|---|
| Data integrity | Tampered CSV/JSON files that could produce misleading validation results |
| Script injection | Malicious input to validation scripts |
| Supply chain | Compromised dependencies (numpy, scipy, pandas, matplotlib) |
- The DSC-1 engine itself (this repo contains only public benchmark data and validation tools)
- Blockchain transaction verification (immutable by design)
- Theoretical claims (use the verification_report issue template instead)
All datasets in this repository are validated by CI on every push. You can run integrity checks locally:
python scripts/validate_data.pyThis runs 45+ checks across all data files, including row counts, schema validation, and statistical bounds.
- All dependencies are pinned to minimum versions in
scripts/requirements.txt - No network calls are made by any script in this repository
- All computation is local and deterministic
We follow coordinated disclosure. Please do not open public issues for security vulnerabilities. We will credit reporters in the fix commit unless anonymity is requested.