Security

Machine Mind is a static personal blog and portfolio. The site does not provide user accounts, payment flows, private dashboards, or password-based access.

Responsible disclosure

If you believe you have found a security issue affecting this site, please email email2saumil2024@gmail.com with a clear description and steps to reproduce. Please allow reasonable time for a response before any public disclosure. There is no bug-bounty program; this is a personal site.

A machine-readable contact is also published at /.well-known/security.txt.

What this site does not collect

• No account passwords
• No payment details
• No private documents
• No sensitive form submissions

Static-site security posture

• Static pages generated with Zola
• Hosted on GitHub Pages over HTTPS
• Minimal, dependency-free vanilla JavaScript
• No client-side framework runtime
• No third-party analytics or tracking by default
• Pagefind search runs locally in the browser

External links

External links may lead to third-party websites that have their own privacy and security practices. Outbound links use rel="noopener noreferrer" where the templates control them.

Security headers

GitHub Pages has limitations around custom HTTP response headers. Recommended production headers (CSP, HSTS, and others) are documented in SECURITY_HEADERS.md in the repository for use if the site later moves to a host that supports custom headers.

See also: Privacy · Disclaimer