TraceCoreAI · trilamsr · May 19, 2026 · May 19, 2026
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -222,7 +222,7 @@ Open a GitHub issue with:
 
 ## Security issues
 
-Email security@tracecore.ai (or open a private security advisory on GitHub). Do not file public issues for vulnerabilities.
+Open a private [GitHub Security Advisory](https://github.com/tracecoreai/tracecore/security/advisories/new). Do not file public issues for vulnerabilities. Full disclosure procedure in [SECURITY.md](SECURITY.md).
 
 ## License
 

diff --git a/MILESTONES.md b/MILESTONES.md
@@ -193,7 +193,7 @@ M20a/b/c are gates against the same artifact (`bench/install/run.sh`) at progres
 - Re-running `make release` on a clean checkout of the `v0.1.0` tag produces a `linux/amd64` binary byte-identical to the published asset; scheduled CI job verifies via `diffoscope`; P0 on breakage. (per PRINCIPLES §12)
 - Release workflow uses pinned action SHAs, requests only `id-token: write` and `contents: write`; `zizmor` + `actionlint` report zero findings. (per NORTHSTARS O3)
 - Published SBOM enumerates ≥1 `components[]` entry per direct module in `go.mod`; CI asserts `len(components) >= direct_dep_count`. (per NORTHSTARS O3)
-- `SECURITY.md` referenced from release notes; canary email to `security@tracecore.ai` at release time confirms inbox responds within 2 business days or release is blocked. (per [`SECURITY.md`](SECURITY.md) L20 "Acknowledgement within 2 business days"; NORTHSTARS O3 7-day SLA refers to *initial assessment* per SECURITY.md L21 — same document, two distinct clocks; reconciliation to NORTHSTARS deferred.)
+- `SECURITY.md` referenced from release notes; the GitHub Security Advisory inbox is verified enabled at release time (`gh api /repos/tracecoreai/tracecore/private-vulnerability-reporting` returns `{"enabled":true}`) and at least one `@TraceCoreAI/core` member is configured to receive advisory notifications. Release is blocked if either check fails. (per [`SECURITY.md`](SECURITY.md) "Disclosure channel"; NORTHSTARS O3 7-day SLA refers to *initial assessment* per SECURITY.md "What to expect" — same document, two distinct clocks; reconciliation to NORTHSTARS deferred.)
 
 ---
 

diff --git a/SECURITY.md b/SECURITY.md
@@ -4,9 +4,7 @@
 
 If you believe you have found a security vulnerability in tracecore, please report it privately. **Do not open a public GitHub issue.**
 
-Email: **security@tracecore.ai**
-
-Or open a private GitHub Security Advisory: https://github.com/tracecoreai/tracecore/security/advisories/new
+**Disclosure channel:** open a private GitHub Security Advisory at <https://github.com/tracecoreai/tracecore/security/advisories/new>. The advisory is visible only to the reporter and the `@TraceCoreAI/core` maintainers team; coordinated-disclosure discussion happens inside the advisory thread.
 
 Please include:
 
@@ -22,7 +20,7 @@ Please include:
 - **Coordinated disclosure** with a default 90-day embargo from the date of acknowledgement, extendable by mutual agreement when a fix requires more time
 - A CVE will be requested for any vulnerability that affects deployed users
 
-If you do not receive a response within 7 days, please re-send the report and CC `security-followup@tracecore.ai`.
+If you do not receive an acknowledgement within 7 days, comment on your own advisory thread to ping the maintainers (the comment notifies the team) or open a follow-up advisory referencing the original.
 
 ## Scope
 
@@ -36,7 +34,7 @@ Out of scope:
 
 - Third-party dependencies (please report upstream)
 - Customer deployments of tracecore that have been modified
-- The proprietary synthesis engine (separate disclosure path; contact security@tracecore.ai for routing)
+- The proprietary synthesis engine — file a separate private advisory at the same URL above and note in the title that it concerns the synthesis engine; it follows the same disclosure clock
 
 ## Safe harbor