AAIS is an actively evolving system. At this stage:

• Only the latest commit on main is considered supported.
• Older states, forks, or archived code are not supported for security updates.

As the project stabilizes, versioned support will be introduced.

If you discover a security issue, please report it responsibly.

• Open a GitHub Issue (if the issue is non-sensitive), or
• Contact directly via: warheart1984@gmail.com

• Clear description of the issue
• Steps to reproduce
• Impact (what can go wrong)
• Any suggested mitigation (optional)

• Acknowledgement within a reasonable timeframe (best effort)

• Investigation and classification of the issue

• If confirmed:

  • A fix or mitigation will be applied
  • Behavior will be documented if relevant to system law/governance

AAIS is designed around governed behavior, not just patching vulnerabilities.

This means:

• No component should operate outside defined boundaries
• Failures should be visible and controlled, not silent
• External input must pass admission and verification rules
• Dependencies must be pinned, lock-backed, and reviewed as ingress surfaces

Security is treated as part of system behavior, not an afterthought.