defirisk.co
rubric v1.7.0

Disclosure SLA public

Lista DAO's assessment for RD-F-176 — scored red on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No publicly stated acknowledgment-time SLA found on Immunefi program page or protocol documentation. No SECURITY.md in GitHub repository (security_md_present=false per data cache). No security@ contact email found in docs or website. Immunefi standard terms govern implicitly but no explicit Lista-specific SLA published. Red threshold: no SLA published.

Sources #

  • Internal
    Data cache — no SECURITY.md in GitHub repository.research/protocols/lista-dao/00-data-cache.json github.security_md_present=falseretrieved 2026-05-12
  • URL
    Lista DAO Immunefi — no disclosure SLA statedImmunefi Lista DAO program page — no SLA foundretrieved 2026-05-12

Methodology #

Determine whether the protocol publishes an acknowledgment-time SLA for disclosed vulnerabilities (e.g., 72h ack).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol lista-dao factor RD-F-176 score red collected_at 2026-05-12 17:54:05