Security Policy

This document outlines the process for reporting and handling security vulnerabilities affecting this site.

Scope

• Static HTML, CSS, and service worker code in this repository.
• Site configuration served via GitHub Pages.

Out of Scope

• Third-party platforms (LinkedIn, GitHub, external blog).
• Browser or CDN infrastructure vulnerabilities.

Reporting

Email: [email protected]
Languages: English / Spanish.

Please include reproduction steps, impact assessment, and suggested remediation if possible.

Process

1. Report received and acknowledged (≤72h).
2. Validation and impact analysis.
3. Patch implementation (priority: severity).
4. Public acknowledgment (optional) if reporter consents.

PGP

PGP key / fingerprint available via Keybase.