Security: runZeroInc/pr-nerva

SECURITY.md

Security Policy

Reporting a Vulnerability

Praetorian takes security vulnerabilities seriously. We appreciate your efforts to responsibly disclose your findings.

How to Report

Please do NOT report security vulnerabilities through public GitHub issues.

Instead, please report them via email to:

security@praetorian.com

What to Include

Please include the following information:

  • Description of the vulnerability
  • Steps to reproduce
  • Potential impact
  • Any suggested mitigations

Response Timeline

  • Initial Response: Within 48 hours
  • Status Update: Within 7 days
  • Resolution Target: Based on severity

Responsible Disclosure

We kindly ask that you:

  • Allow reasonable time for us to address the issue before public disclosure
  • Avoid accessing or modifying data that does not belong to you
  • Act in good faith to avoid privacy violations and service disruptions

Supported Versions

Version Supported
1.x.x

Security Best Practices

When using Nerva:

  • Only scan systems you have authorization to test
  • Use appropriate timeouts to avoid overwhelming targets
  • Be aware that fingerprinting may be logged by target systems
  • Review JSON output for sensitive metadata before sharing

Acknowledgments

We thank security researchers who help improve Nerva through responsible disclosure.
