Thank you for taking the time to review this Security Policy. We take security seriously and appreciate responsible disclosure of potential vulnerabilities. Even where our systems are designed to minimize or avoid handling user data, we still treat unauthorized access, modification, disruption, or misuse as security issues and welcome reports that help reduce risk.
Please report vulnerabilities through GitHub's private vulnerability reporting form, or by email to [email protected].
Include as much relevant detail as possible, such as:
- a description of the issue
- steps to reproduce it
- affected components or endpoints
- potential impact
- any suggested remediation
We will review all legitimate reports and respond as appropriate.