We take the security of our virtualization and API isolation seriously. Learn how to report vulnerabilities or check our scope.
If you believe you have found a security vulnerability in inis.run, please report it immediately by email to security@inis.run. Do not open a public GitHub issue.
Include as much detail as you can: what you found, how to reproduce it, and any proof-of-concept you have prepared. We will acknowledge your report within 2 business days and keep you updated as we investigate.
The following areas are in scope for security reports:
The following are out of scope for our security response:
We will not pursue legal action against researchers who:
We treat good-faith security research as a contribution and will credit you in the fix if you wish.
| Step | Target Timeline |
|---|---|
| Acknowledgement | 2 business days |
| Initial assessment | 5 business days |
| Fix or mitigation | Depends on severity (critical issues within 7 days where possible) |
Contact: security@inis.run — for security issues only. For abuse reports, use abuse@inis.run.
Looking for how we isolate and handle your data? See the security overview.