This is the security notice for PyWhatKit Discord Bot Repository. The notice explains how vulnerabilities should be reported.
If you've found a vulnerability, we would like to know so we can fix it before it is released publicly. Do not open a GitHub issue for a found vulnerability.
Send details to an admin of the discord server through a direct message, including:
- the part of the code where the vulnerability can be observed
- a brief description of the vulnerability
- optionally the type of vulnerability
- non-destructive exploitation details
We will do our best to reply as fast as possible.
The following vulnerabilities are not in scope:
- volumetric vulnerabilities, for example overwhelming a service with a high volume of requests
- reports indicating that our services do not fully align with “best practice”
If you aren't sure, you can still reach out via a direct message.
This notice is inspired by the Python Discord Security Notice.
Version 2021-07