Sphinx.bot is developed with security as the main focus. Being a chat-bot, it has a single attack surface whose only possible entry would be the injection of malicious code. Database records are also manually handled to prevent malicious entries from within or log poisoning. However, Sphinx.bot is vulnerable to failures within the platforms on which it runs, as they are not under the control of the operator.

Because it runs on other platforms, Sphinx.bot takes advantage of their security structure, but, if a vulnerability is found, please open an issue with a complete description, CVE (if any) and a proof of concept. Failures will be dealt with immediately or according to the degree of severity.