If you discover a security vulnerability in RUDI, please report it responsibly:
- Do not open a public GitHub issue
- Contact the maintainers directly
- Include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
We will respond within 48 hours and work with you to address the issue.
- All forms use proper input validation
- HTTPS enforced on all pages
- No sensitive data stored client-side
- Regular dependency updates
- Survey responses are anonymous
- No personally identifiable information collected without consent
- Data stored securely in Google Sheets with access controls
- No third-party tracking beyond basic analytics
- Keep browser and devices updated
- Use strong passwords for any accounts
- Report suspicious activity
We appreciate security researchers who responsibly disclose vulnerabilities:
- Report directly to maintainers (not public issues)
- Allow reasonable time for fixes (30 days minimum)
- Don't publicly disclose until resolved
- Provide clear reproduction steps
For security concerns, contact the RUDI team through the website contact form or email.