I'm well aware of what the risks are. It was something from github, so it's not like I was doing anything crazy, anyway. During my disclosure, I told them the kinds of port scans I did, and the types of individuals I shared the information to. As full disclosure as I possibly could have been.

I'd rather not fall into this trap: https://theintercept.com/2016/04/28/new-study-shows-mass-sur...