Skip to content

Security: klarlabs-studio/mcp-go

Security

SECURITY.md

Security Policy

Supported Versions

Version Supported
0.1.x

Reporting a Vulnerability

We take security vulnerabilities seriously. If you discover a security issue, please report it responsibly.

How to Report

Please do not report security vulnerabilities through public GitHub issues.

Instead, please report them via email to: security@klarlabs.de

Include the following information:

  • Type of vulnerability
  • Full paths of affected source files
  • Location of the affected source code (tag/branch/commit or direct URL)
  • Step-by-step instructions to reproduce the issue
  • Proof-of-concept or exploit code (if possible)
  • Impact of the issue and how an attacker might exploit it

Response Timeline

  • Initial Response: Within 48 hours
  • Status Update: Within 7 days
  • Fix Timeline: Depends on severity, typically within 30 days

Disclosure Policy

  • We will acknowledge receipt of your vulnerability report
  • We will provide an estimated timeline for a fix
  • We will notify you when the vulnerability is fixed
  • We will publicly disclose the vulnerability after a fix is available

Safe Harbor

We consider security research conducted in accordance with this policy to be:

  • Authorized concerning any applicable anti-hacking laws
  • Exempt from restrictions in our Terms of Service that would interfere with conducting security research

Thank you for helping keep mcp-go and its users safe!

There aren't any published security advisories