Thank you for helping us keep the Trusted Agentic Commerce Protocol and systems they interact with secure.

This project is maintained by Forter as part of the Trusted Agentic Commerce Protocol initiative.

If you discover a security vulnerability in this project, please report it responsibly by emailing ai@forter.com with the details. Please do not open public issues for security vulnerabilities.

• A description of the vulnerability and its potential impact
• Steps to reproduce the vulnerability
• Any relevant proof-of-concept code or screenshots
• Your contact information for follow-up questions

We will acknowledge receipt of your vulnerability report within 48 hours and will send you regular updates about our progress. If you do not receive a response within 48 hours, please follow up via email to ensure we received your original message.

We ask that you:

• Give us reasonable time to investigate and mitigate the issue before making it public
• Make a good faith effort to avoid privacy violations, data destruction, and service interruption
• Not access or modify data that does not belong to you

We thank all security researchers who responsibly disclose vulnerabilities to us. With your permission, we would be happy to publicly acknowledge your contribution.