Security
Report security issues directly.
Use the security contact for vulnerabilities, exposed secrets, access-control issues, or suspicious behavior involving ContractIQ.
Report
What to include.
Send the affected URL or tenant site, steps to reproduce, expected and actual behavior, screenshots or logs if safe to share, and whether you believe tenant data was exposed.
hello@cyrillian.comPublic site scope
The public site is separate from tenant answer sites. A marketing page issue may not affect a tenant deployment, but we still want the report.
Keep secrets out of email
Do not send live credentials, access tokens, private crew records, or source documents by email. Describe what you found and we will arrange a safer path if sensitive material is needed.
Tenant incidents
If the issue involves a tenant answer site, include the tenant domain and account role if you can. For urgent access problems, use the tenant support path as well so local administrators can respond.
What happens next
We triage reports, confirm receipt when possible, and prioritize issues that could expose tenant data or affect account access.