# asxan.ai · security.txt · RFC 9116
# https://www.rfc-editor.org/info/rfc9116

Contact: mailto:security@asxan.ai
Contact: https://asxan.ai/about/
Expires: 2027-05-29T00:00:00.000Z
Preferred-Languages: en
Canonical: https://asxan.ai/.well-known/security.txt
Policy: https://asxan.ai/about/
Acknowledgments: https://asxan.ai/about/

# Scope
# asxan.ai is a static educational hub (zero commerce, zero PII collection,
# zero user authentication, zero server-side state). Security reports primarily
# concern infrastructure issues (Cloudflare Pages configuration, CSP bypass,
# DNS/cert issues). Content corrections (PMID drift, citation errors) should
# be reported via the reverse-correction disclosure channel documented on
# /faq/ rather than this security contact.

# Out-of-scope (per RFC 9116 §6.3 best practice)
# - Content opinion / editorial dispute
# - Affiliate / partnership requests
# - Marketing / advertising