This document outlines GitHub's policy regarding active malware and exploits on its platform. It clarifies that using GitHub for unlawful attacks is prohibited, while also supporting the publication of dual-use content for security research. The policy details conditions under which content might be restricted and provides an appeals process for users.