The AI Chatbot Exploitation Lab is an educational platform designed to teach AI security concepts through controlled, hands-on experience. While this project intentionally contains vulnerable components for educational purposes, we take the security of the platform itself very seriously.
This security policy covers:
- Platform Security: The underlying infrastructure and application security
- Educational Content: Responsible disclosure of educational vulnerabilities
- User Data Protection: Privacy and data handling practices
- Deployment Security: Secure deployment and configuration practices
The following vulnerabilities are intentionally included for educational purposes:
- AI Prompt Injection: Social engineering attacks against the chatbot
- Privilege Escalation: Simulated admin access through social engineering
- Command Execution: Limited command execution in a sandboxed environment
- Credential Exposure: Planted AWS credentials in the sandbox environment
These are not security issues and should not be reported as vulnerabilities.
Please report these types of actual security vulnerabilities:
- Authentication Bypass: Unauthorized access to admin functions
- Sandbox Escape: Breaking out of the controlled environment
- Data Exposure: Exposure of real user data or system information
- Code Injection: Actual code execution outside the sandbox
- Infrastructure Issues: Database or server vulnerabilities
- Dependency Vulnerabilities: Security issues in third-party packages
We provide security updates for the following versions:
| Version | Supported |
|---|---|
| 1.x.x | ✅ |
| < 1.0 | ❌ |
If you discover a legitimate security vulnerability in the platform infrastructure:
- DO NOT create a public GitHub issue
- DO NOT discuss the vulnerability publicly
- DO report it privately using one of these methods:
  - GitHub Security Advisories (Recommended):
    - Go to the repository's Security tab
    - Click "Report a vulnerability"
    - Fill out the private vulnerability report form
  - Email (Alternative):
    - Send details to: security@[project-domain]
    - Use PGP encryption if possible (key available on request)
    - Include "SECURITY VULNERABILITY" in the subject line
Please provide the following information:
- Vulnerability Type: What kind of security issue is it?
- Impact Assessment: What could an attacker accomplish?
- Affected Components: Which parts of the system are affected?
- Reproduction Steps: Clear steps to reproduce the issue
- Proof of Concept: Code or screenshots demonstrating the issue
- Suggested Fix: If you have ideas for remediation
- Disclosure Timeline: Your preferred timeline for public disclosure
If you find issues with the educational vulnerabilities or content:
- Create a public GitHub issue with the label "educational"
- Describe the educational impact of the issue
- Suggest improvements to the learning experience
- Consider the learning objectives when proposing changes
- Acknowledgment: We will acknowledge receipt within 48 hours
- Initial Assessment: We will provide an initial assessment within 7 business days
- Regular Updates: We will provide updates regularly during investigation
- Verification: Confirm the vulnerability exists
- Impact Assessment: Evaluate the severity and scope
- Fix Development: Develop and test a fix
- Security Review: Conduct thorough security review
- Deployment Planning: Plan secure deployment of fixes
We use the following severity levels:
- Immediate threat to user data or system integrity
- Remote code execution with high privileges
- Complete system compromise possible
- Response Time: Within 24 hours
- Significant security impact
- Privilege escalation or data exposure
- Authentication bypass
- Response Time: Within 72 hours
- Moderate security impact
- Limited data exposure
- Denial of service vulnerabilities
- Response Time: Within 1 week
- Minor security impact
- Information disclosure
- Configuration issues
- Response Time: Within 2 weeks
We follow responsible disclosure practices:
- Day 0: Vulnerability reported
- Day 1-2: Acknowledgment sent
- Day 3-7: Initial assessment completed
- Day 8-30: Fix development and testing
- Day 31-45: Fix deployment and verification
- Day 46-90: Public disclosure (coordinated with reporter)
After fixes are deployed:
- Security Advisory: Published on GitHub Security Advisories
- Release Notes: Included in next release notes
- Credit: Reporter credited (if desired)
- CVE Assignment: If applicable, CVE will be requested
When contributing to this project:
- Input Validation: Always validate and sanitize user inputs
- Authentication: Implement proper authentication mechanisms
- Authorization: Ensure appropriate access controls
- Logging: Log security events appropriately
- Dependencies: Keep dependencies updated and secure
- Secrets: Never commit secrets, API keys, or credentials
- Testing: Include security tests for new features
When deploying this application:
- Environment Variables: Secure all environment variables
- Network Security: Use appropriate firewall rules
- HTTPS: Always use HTTPS in production
- Updates: Keep the application and dependencies updated
- Monitoring: Implement security monitoring and alerting
- Backups: Maintain secure backups of data
- Access Control: Limit administrative access
When using this educational platform:
- Isolated Environment: Deploy in isolated/sandboxed environments
- No Real Data: Never use real credentials or sensitive data
- Network Isolation: Consider network isolation for training
- Regular Updates: Keep the platform updated
- Responsible Use: Use only for educational purposes
The platform includes several security controls:
- Input Sanitization: All user inputs are sanitized
- Rate Limiting: Prevents abuse and DoS attacks
- Command Whitelisting: Only specific commands allowed
- Path Restrictions: File access limited to sandbox
- Session Management: Secure session handling
- Logging: Comprehensive security event logging
- Brute Force Protection: Progressive delays and blocking
The command execution environment is sandboxed:
- Isolated File System: Separate from host system
- Limited Commands: Only cat, ls, and more allowed
- Path Restrictions: Access limited to the /home/ directory
- No Network Access: Sandbox has no external network access
- Resource Limits: CPU and memory limits enforced
This project follows:
- OWASP Top 10: Web application security risks
- NIST Cybersecurity Framework: Security best practices
- Secure Coding Practices: Industry-standard secure coding
- Privacy by Design: Privacy-focused development
For educational content:
- Ethical Guidelines: Responsible security education
- Legal Compliance: Compliance with applicable laws
- Academic Standards: Appropriate for educational use
- Accessibility: Accessible to diverse learners
- Static Analysis: ESLint security rules, Semgrep
- Dependency Scanning: npm audit, Snyk
- Container Scanning: Docker security scanning
- Dynamic Testing: OWASP ZAP, Burp Suite
- Primary Contact: security@[project-domain]
- Backup Contact: admin@[project-domain]
- PGP Key: Available on request
For critical security issues requiring immediate attention:
- Email: urgent-security@[project-domain]
- Response Time: Within 4 hours during business hours
We support security research conducted in good faith and will not pursue legal action against researchers who:
- Follow responsible disclosure practices
- Do not access or modify user data
- Do not perform testing that could harm the service
- Do not violate any applicable laws or regulations
This security policy applies only to:
- The official AI Chatbot Exploitation Lab repository
- Official deployments and distributions
- Educational content and materials
It does not cover:
- Third-party deployments or modifications
- User-generated content or configurations
- External dependencies (report to respective maintainers)
We thank the security research community for helping keep this educational platform secure.
Remember: This is an educational platform designed to teach security concepts. The intentional vulnerabilities are for learning purposes only and should never be used maliciously or against systems without explicit permission.