Security Disclosure

VeriSigil AI · Lagos, Nigeria

We take security seriously. If you have found a vulnerability, please report it responsibly. We commit to responding within 72 hours.

Responsible Disclosure

If you discover a security vulnerability in VeriSigil AI's platform, API, or infrastructure, please report it to info@verisigilai.com before public disclosure.

Include: description of the vulnerability, steps to reproduce, potential impact, and your contact details. We will acknowledge receipt within 72 hours and aim to resolve critical issues within 30 days.

Scope

In scope: VeriSigil API (verisigil-api-production.up.railway.app), verisigilai.com, authentication systems, API key handling, evidence chain integrity.

Out of scope: Third-party infrastructure (Railway, Supabase), social engineering, physical attacks.

What We Ask

Do not access, modify, or delete data that does not belong to you. Do not disrupt live services. Give us reasonable time to fix before public disclosure. We will not pursue legal action against researchers who follow these guidelines.

Contact

info@verisigilai.com
VeriSigil AI · Lagos, Nigeria