# AskBaily Security Disclosure — RFC 9116
# Publish vulnerabilities responsibly. We respond within 48 hours.

Contact: mailto:security@askbaily.com
Contact: https://askbaily.com/security
Expires: 2027-04-20T00:00:00.000Z
Encryption: https://askbaily.com/.well-known/pgp-key.asc
Acknowledgments: https://askbaily.com/security#hall-of-fame
Preferred-Languages: en, es
Canonical: https://askbaily.com/.well-known/security.txt
Policy: https://askbaily.com/security
Hiring: https://askbaily.com/for-pros/apply

# Scope:
#   In-scope:  askbaily.com, *.askbaily.com, /.well-known/*, /api/*, /data/*,
#              /feed/*, /facts/*
#   Out-of-scope: NPLD-operated infrastructure (nplinedesign.com), third-party
#                 CDN vulnerabilities outside our configuration, spam/phishing
#                 reports (use abuse@askbaily.com)
#
# Safe harbor: Good-faith research that complies with this policy is authorized
# and will not trigger legal action. See /security for the full safe harbor
# clause modeled on Disclose.io Core Terms.