Current security posture and reporting channels for the private alpha.
Version: 2026-06-12-staging
Security: abuse@gutmask.xyz
- Authentication is backed by Argon2id password hashing, JWT access tokens, and refresh-token rotation.
- Control-plane and runtime-plane permissions are enforced through ACL v14 group-based authorization.
- Security and abuse reports should be sent to the contact below until a full disclosure program is published.