Incident Response Plan

How we respond when things go wrong. Published for accountability and transparency.

When a Certified Skill Is Found Vulnerable

0 – 1 hour

Detection

Vulnerability reported or discovered during re-certification. Automated monitoring flags anomalies.

1 – 4 hours

Triage

Assess severity, determine whether an exploit is active, and classify the impact on certified skills.

4 – 12 hours

Notification

Skill author notified with specifics of the vulnerability and remediation guidance.

Immediate (critical)

Suspension

Certification suspended. Badge turns red. Verification endpoint returns "suspended". No grace period for critical issues.

Author's timeline

Remediation

Author patches the vulnerability and resubmits the skill for evaluation.

Upon resubmission

Re-certification

Full re-evaluation including the new vulnerability pattern. No shortcuts.

Within 7 days

Post-mortem

New pattern added to evaluator. Public disclosure if appropriate. Lessons documented.

When SXM Itself Is Compromised

Immediate Response

  1. Rotate all admin keys immediately. Old keys become invalid within seconds.
  2. Audit all certifications issued during the compromise window.
  3. Notify all API key holders with details of the incident scope.
  4. Public disclosure within 72 hours with full transparency on what happened.
  5. Post-mortem with root cause analysis published publicly.

Communication Channels

Report a Security Issue

For vulnerability reports, security concerns, or incident notifications:

research@scientiaexmachina.co

Additional channels: Public status page · Blog announcements