Security Policy

If you believe you have found a security vulnerability in AxonOS, please do not open a public issue with exploit details.

Reporting

Preferred: Use GitHub’s private reporting flow (Security Advisories) for this repository.
If that is not available: Send an email with the details to security@axondao.io

Scope

This repository includes container build scripts, a browser-accessible desktop stack (noVNC/VNC), and an optional token-gating component (AXGT gate). Reports covering any of these components are in scope.

Safe Harbor

We support good-faith security research. Please avoid privacy-invasive testing and do not disrupt production systems.