Skip to main content
Security

Capell security and disclosure policy

Security needs its own public route so researchers and buyers can find disclosure rules, supported versions, and package trust boundaries without digging through legal copy.

Join the waitlist Read the docs
Core: CMS foundation Package: Installable depth Roadmap: Future platform work
Artwork · Trust

Generated Recraft artwork for security, package trust, and operating posture surfaces.

Commercial V3
Buyer proof

Security proof points.

Security explains the buyer promise, names the product surface, and keeps shipped core behaviour separate from package and roadmap work.

Core Responsible disclosure. Report affected packages, versions, URLs, reproduction steps, impact, and safe proof of concept.
Package Package advisories. Marketplace trust depends on compatibility, support status, security contacts, and install impact staying visible.
Roadmap CVE and incident history. Public CVE history, incident notes, and uptime claims need operational evidence before they become promises.
Maturity labels

Security capabilities by maturity.

Security uses visible maturity labels so buyers can tell what is in the CMS foundation, what arrives through packages, and what remains planned.

Core CMS foundation Capell core covers structured records, admin surfaces, URLs, layouts, media, translations, and public rendering boundaries.
Package Installable depth Packages add focused workflow, operations, growth, forms, SEO, search, migration, or marketplace capability.
Roadmap Future platform work Unshipped promises stay labelled until the product and docs prove them.
Internal links

Where to go after Security.

Read more Why Capell Start with the product story and Laravel boundary. Continue Read more Platform Review the Core, Package, and Roadmap capability map. Continue Read more Pricing Move from evaluation into early access and founder contact. Continue