Open-source Caracal, built with community to make AI agents intelligent
SECURITY

REPORT VULNERABILITY

Help us keep Caracal and its ecosystem secure by responsibly disclosing vulnerabilities.

RESPONSIBLE DISCLOSURE

Caracal is an open economic infrastructure for AI agents, and security is a core part of our design. If you believe you have discovered a vulnerability in Caracal, ASE, or any related service, we encourage you to report it responsibly so we can investigate and resolve it.

We value community-driven security research and aim to handle all reports transparently and professionally.

REPORTING GUIDELINES

  • Send your report to our official security contact address.
  • Provide a clear description of the vulnerability and how to reproduce it.
  • If you have a proposed fix or mitigation, please include it.
  • Do not attempt to access, modify, or exfiltrate data that does not belong to you.
  • Do not publicly disclose the vulnerability until we confirm a fix or response.
  • Avoid any actions that could disrupt production systems.

We will evaluate all valid reports and respond with next steps. Contributors may be credited in public security advisories.

CONTACT SECURITY

If you find a vulnerability, contact our security team directly:

support@garudexlabs.com

For sensitive disclosures, you may request our PGP key for encrypted communication.

For the latest security policy and updates, always refer to: Security Policy