Responsible disclosure

AgentReady reports have one owner-confirmed public contact.

JEASON confirmed contact@certif-scope.com as the public legal, privacy and reporting contact for TimeProofs AgentReady. Do not include secrets, credentials, private contracts or unnecessary personal data in a report.

OWNER_CONFIRMED_CHANNEL

Reporting contact

Use contact@certif-scope.com for legal, privacy and responsible-disclosure reports. No response time, bounty, SLA, guaranteed fix or certification is promised.

In scope

What reports should cover.

  • Browser scanner pages and local file handling.
  • AgentReady CLI and GitHub Action behavior.
  • agentready.json v0.1 outputs, documentation and examples.
  • Static-analysis behavior that could mislead users about risk.

Reporting boundary

The contact channel is public, but this page does not create a vulnerability bounty program, incident-response SLA, guaranteed correction commitment or security certification.

Disclosure non-goals

Mandatory limitation

TimeProofs AgentReady does not guarantee that an AI agent will never fail. It identifies structural risks that may cause AI agents to misuse APIs, tools or MCP servers.

AgentReady at a glance

Responsible disclosure uses the owner-confirmed contact contact@certif-scope.com without promising a bounty, SLA, guaranteed fix or certification. AgentReady is a product and candidate open standard for static pre-deployment analysis. It is not a runtime firewall, independent certification, official standards-body standard or guaranteed-safety system.

Availability
AgentReady Community is free and available. AgentReady Pro is planned and not purchasable.
Language
English is the current canonical language. No translated alternate route is published for this page.
Sources

AGENTREADY_MASTER_PLAN.mdGLOBAL_STANDARD_SITE_PROGRAM.mdSEO_GEO_AI_FIRST_REQUIREMENTS.mdSITE_COPY_GUIDE.mdSECURITY.md