The GitHub Active Malware or Exploits Policy prohibits the use of GitHub’s platform to deliver malware or facilitate unlawful attacks that cause technical harm, while still allowing dual-use content for legitimate security research and educational purposes. Maintained by GitHub as part of its Acceptable Use Policies, it balances protecting the community against abuse with supporting open security research and responsible disclosure practices.