This repository contains specification text and conformance vectors — there is no running service here. Still, a flaw in the spec (for example, an evaluation rule that could let an implementation report a false "satisfied") is a security-relevant issue.

Report suspected spec-level vulnerabilities or soundness flaws privately to:

security@dekimu.com

Please include:

• the affected file and section;
• a description of the flaw and the incorrect behavior it permits;
• a minimal example (manifest + facts + corpus) if applicable.

Please do not open a public issue for soundness flaws until the Steward has had a chance to respond. We aim to acknowledge within a reasonable period and to coordinate a fix and disclosure.