reporting a vulnerability
if you've found a security vulnerability in inference.sh or belt.sh, we want to hear about it.
email: [email protected]
please include:
- description of the vulnerability
- steps to reproduce
- affected component (api, cli, web, skills, agents)
- impact assessment (what an attacker could do)
we will acknowledge your report within 48 hours and aim to provide a fix timeline within 5 business days.
reporting abuse
for abuse reports (malicious skills, apps, or agents):
email: [email protected]
for dmca takedown requests:
email: [email protected]
what we protect
- all skill content is scanned by our security scanner (INF-SEC rules) before serving
- credentials detected in skill content or agent output are automatically redacted
- hook tool URLs are validated (https required, no localhost)
- critical security findings block skill publishing automatically
- credential patterns are sourced from gitleaks and updated at startup
scope
the following are in scope for security reports:
- inference.sh api and web application
- belt.sh web application
- belt cli
- skill store and registry
- agent runtime and execution
- mcp connector proxy
- authentication and authorization
the following are out of scope:
- third-party app provider vulnerabilities (report to the provider directly)
- social engineering attacks
- denial of service attacks
- issues in dependencies already reported upstream
disclosure policy
- we follow coordinated disclosure — please give us reasonable time to fix before publishing
- we will not pursue legal action against researchers acting in good faith
- we credit researchers in our changelog (unless you prefer anonymity)
security.txt
our machine-readable security contact is at /.well-known/security.txt
policies
we maintain comprehensive security, incident response, data classification, vendor management, business continuity, and change management policies. full policy documents are available on request — contact [email protected].