21aa81d2b0
14-file blueprint including: - sources.yml with data source provenance - 12 golden contract tests with native-language search terms - 5-6 drift detection anchors - MCP Registry + npm package configs - Vercel deployment config (SMALL tier) - Security policies and issue templates Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
35 lines
1.0 KiB
Markdown
35 lines
1.0 KiB
Markdown
# Security Policy
|
|
|
|
## Supported Versions
|
|
|
|
| Version | Supported |
|
|
| ------- | ------------------ |
|
|
| 1.x.x | :white_check_mark: |
|
|
|
|
## Reporting a Vulnerability
|
|
|
|
If you discover a security vulnerability in Israel Law MCP, please report it responsibly:
|
|
|
|
1. **Do NOT open a public issue**
|
|
2. Email **security@ansvar.eu** with:
|
|
- Description of the vulnerability
|
|
- Steps to reproduce
|
|
- Potential impact
|
|
3. You will receive acknowledgment within 48 hours
|
|
4. We aim to provide a fix within 7 days for critical issues
|
|
|
|
## Data Accuracy
|
|
|
|
For data accuracy issues (incorrect legal text, missing provisions, stale data), please use our [data error issue template](https://github.com/Ansvar-Systems/israel-law-mcp/issues/new?template=data-error.md).
|
|
|
|
## Scope
|
|
|
|
This policy covers:
|
|
- The npm package `@ansvar/israel-law-mcp`
|
|
- The Vercel deployment at `https://israel-law-mcp.vercel.app`
|
|
- The MCP server code in this repository
|
|
|
|
Out of scope:
|
|
- The upstream legal data sources themselves
|
|
- Third-party dependencies (report to their maintainers)
|