Security Policy
Purpose
This page outlines the responsible disclosure process for reporting security issues related to William Taylor’s Emergency Roadside Operations.
Scope
This policy applies to the public website located at:
https://williamtaylorero.neocities.org/
No other systems, devices, or infrastructure are in scope.
How to Report a Security Issue
Send a detailed report to:
Email: williamtaylorero@proton.me
PGP: Public Key
Include:
- ✔ Description of the issue
- ✔ Steps to reproduce
- ✔ Impact assessment
- ✔ Proof‑of‑concept details (if applicable)
In‑Scope Vulnerabilities
- ✔ XSS (Cross‑Site Scripting)
- ✔ CSP bypasses
- ✔ Broken access controls
- ✔ Authentication weaknesses
- ✔ Sensitive data exposure
Out‑of‑Scope
- ✖ Physical attacks
- ✖ Social engineering
- ✖ DDoS or rate‑limiting tests
- ✖ Attacks on Neocities infrastructure
- ✖ Automated vulnerability scanner noise
Expectations
- ✔ Act in good faith
- ✔ Avoid privacy violations
- ✔ Do not access or modify data
- ✔ Do not disrupt service availability
Response Process
Valid reports will receive acknowledgment and follow‑up communication. Non‑critical issues may be queued based on operational workload.