Skip to content

Security: AgoraIO/docs-portal

Security

SECURITY.md

Security Policy

Reporting a Vulnerability

Please do not report security vulnerabilities through public GitHub issues, pull requests, discussions, or comments.

Report suspected vulnerabilities through a private security channel published by Agora. If GitHub private vulnerability reporting is enabled for this repository, use that channel from the repository Security tab.

This file intentionally does not list a security email address until the repository owner confirms the official security contact for public vulnerability reports.

Include as much detail as you can safely share:

  • Affected repository, branch, path, or deployed URL.
  • Steps to reproduce.
  • Potential impact.
  • Any proof-of-concept code or screenshots that do not expose secrets or private user data.

The maintainers will review valid reports and follow up through the appropriate security response process.

Supported Scope

This repository contains documentation content, build scripts, and the docs portal application. Security reports may include issues in the docs site, documentation build pipeline, repository automation, or exposed configuration.

Do not include live credentials, access tokens, customer data, or confidential support materials in reports.

Privacy Requests

Privacy rights requests and privacy policy questions are separate from security vulnerability reports. For privacy requests, follow the Agora Privacy Policy: https://www.agora.io/en/privacy-policy/

There aren't any published security advisories