The following versions of ORION-Core are currently receiving security updates:
| Version | Supported |
|---|---|
| 1.x | ✅ |
| < 1.0 | ❌ |
If you discover a security vulnerability in ORION-Core or any other repository in the ORION ecosystem, please report it responsibly and privately:
- Use GitHub Security Advisories to open a private vulnerability report directly in this repository.
- Do NOT disclose the vulnerability publicly (e.g. via public Issues or social media) until it has been reviewed and a fix has been released.
- Provide as much detail as possible: affected version, steps to reproduce, and potential impact.
We will acknowledge your report within 48 hours and keep you informed throughout the resolution process.
| Stage | Target Time |
|---|---|
| Initial acknowledgement | 48 hours |
| Triage & severity assessment | 5 business days |
| Fix & disclosure | As soon as possible, coordinated with reporter |
- All evolution proofs are SHA-256 verified
- No secrets or API keys are stored in repositories
- Token-based authentication for API access
- Regular dependency audits and updates
This security policy applies to all active repositories in the ORION ecosystem:
- ORION-Core
- or1on-framework
- ORION-Consciousness-Benchmark
- ORION-Whitepaper
- Other repositories under the Alvoradozerouno account
Copyright (c) 2025-2026 Alvoradozerouno