# 妲己 AI · Security Policy · RFC 9116
# 安全研究人员请通过以下渠道联系，我们将在 72 小时内回复
# Security researchers please contact us via the channels below; we respond within 72 hours

Contact: mailto:security@ylctkx9s.work
Contact: https://dajiai6.com/about/
Expires: 2027-05-16T00:00:00.000Z
Preferred-Languages: zh-CN, en
Canonical: https://dajiai6.com/.well-known/security.txt
Policy: https://dajiai6.com/about/
Acknowledgments: https://dajiai6.com/about/

# 范围 / Scope
# - dajiai6.com/* (Web)
# - 妲己 Android / iOS App
# - 妲己后端 API (api.ylctkx9s.work)

# 报告内容请包含 / Please include in reports:
# - 漏洞类型 (XSS / SQLi / SSRF / Auth bypass / Logic flaw)
# - 复现步骤
# - 影响范围
# - 你希望的署名方式（或匿名）

# 内容举报（与安全漏洞不同）请用 abuse@ylctkx9s.work
# Content abuse reports (separate from security vulns) → abuse@ylctkx9s.work