The VCP-SDK team takes security seriously. If you discover a security vulnerability, we appreciate your responsible disclosure.

Do NOT open a public GitHub issue for security vulnerabilities.

Instead, please report vulnerabilities via one of the following channels:

1. Email: Send a detailed report to security@creedspace.com
2. GitHub Security Advisories: Use the private vulnerability reporting feature

Please include the following in your report:

• Description of the vulnerability and its potential impact
• Affected component (Python SDK, Rust SDK, WebMCP SDK, specification, schemas)
• Steps to reproduce the issue
• Proof of concept code or payload, if applicable
• Suggested fix, if you have one

The following are in scope for security reports:

• Cryptographic signature verification (bundle signing, hash integrity)
• Identity token parsing and validation
• Privacy level enforcement (public/consent/private boundaries)
• Transport layer security
• Schema validation bypass
• Dependency vulnerabilities in SDK packages

We are grateful to security researchers who help keep VCP safe. With your permission, we will acknowledge your contribution in our release notes and security advisories.

VCP's security model is built on:

• Ed25519 signatures for bundle authentication
• SHA-256 content hashes for integrity verification
• Three-tier privacy architecture (public/consent/private)
• Verify-then-Inject pattern — verification at the orchestration layer, not the LLM
• Deterministic hooks — constitutional rules enforced outside probabilistic model behavior

For details, see Section 13 (Security Considerations) of the VCP Specification.