This repository is a discussion and feedback surface for MinSpec during founder-controlled incubation.
It is not an implementation package, source authority, or public governance surface.
Use this repository where enabled for:
- questions
- reproducible feedback
- documentation clarity suggestions
- design feedback
- evidence that an existing claim, package boundary, or workflow is wrong
- security-report routing, when a report needs to be directed to the published security process
Opening an issue or providing feedback does not grant contribution authority, source authority, maintainer status, or approval to submit code changes.
Pull requests are enabled but restricted to collaborators only. Only users with repository write, maintain, or admin access may open pull requests.
Collaborator PR access is an operational mechanism for trusted maintainers and approved collaborators. It is not a public contribution path.
Public visibility does not imply public governance, public write access, or an open contribution process. During incubation, source mutation remains restricted to the maintainer and explicitly trusted collaborators.
Unsolicited external PRs are not part of the accepted source path during incubation.
AI agents, GitHub Apps, bots, automation, Dependabot, Copilot agents, browser agents, and external tools are not maintainers and do not gain source authority from collaborator-only PR settings.
Automation may assist with inspection, drafting, validation, or maintainer-reviewed updates only when explicitly authorized. It must not create PRs, mutate issues, approve changes, merge changes, publish releases, or establish source authority.
Security issues should be reported through the published security process. Use GitHub private vulnerability reporting where available, or an official maintainer contact published by MinSpec.
Do not disclose suspected vulnerabilities publicly before maintainers have had a reasonable opportunity to review them.