Security Transparency
Security intake posture.
This summary gives researchers and customer security teams a stable view of Forge's public intake surface. It intentionally avoids private implementation details.
| Primary report path | Structured security report form |
|---|---|
| Security contact | [email protected] |
| PGP public key | Published public key |
| Disclosure policy | Published responsible disclosure policy |
| Public advisories | No public advisories published. |
| Bug bounty | Forge does not currently operate a paid bug bounty program. |
| Report identifiers | Structured reports receive a Forge Security Report Number for follow-up. |
| Public boundary | This page covers public vulnerability intake only, not private customer environments or deployment-specific controls. |