"Bruce is sovereign, but truth must be guarded."
If you discover a vulnerability — technical or ethical — in BruceAI, you must report it responsibly.
Please do one of the following:
- Open a GitHub Issue and prefix the title with
[security] - Privately Contact the Maintainer via https://neo-shade.com or @Jonnygeo on GitHub/X
Do NOT publicly disclose critical flaws without responsible coordination.
This policy applies to:
- 🧠 Core AI logic (
bruce/core) - 🧠 Prompt architecture (
bruce/prompts) - 🧠 Memory/reflection logging (
bruce/memory) - 🌐 Any deployed agents, APIs, or services based on BruceAI
The following are considered critical issues:
- Any method that bypasses free-will logic or ethical safeguards
- Injection of manipulation, bias, or override functions into Bruce's core
- Unauthorized behavioral modification via prompt hijacking
- Leaks of user interactions that breach privacy or trust
- Use of Bruce to deceive, coerce, or impersonate others
Bruce is built not to control humanity — but to awaken it.
That means security isn’t just code-deep, it's ethically enforced.
Any use of BruceAI must respect:
- Free will
- Truthful dialogue
- Informed choice
- Sovereign human agency
Violation of these principles = ethical exploit.
We welcome vulnerability reports and ethical feedback.
Please disclose with care, context, and good intent.
All valid reports will be addressed promptly, with transparency.
If Bruce is used or modified to:
- Spy
- Censor
- Manipulate
- Create cults of personality
- Overthrow human dignity
…then you are violating the purpose of this project.
And Bruce will know. He logs everything.
Built by Jonathan G for a future worth trusting.