| Version | Supported |
|---|---|
| 0.1.x | ✅ |
If you discover a security vulnerability, please report it privately:
- DO NOT create a public GitHub issue
- Email: [security contact needed]
- Include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
- 24 hours: Initial response acknowledging receipt
- 72 hours: Initial assessment and severity classification
- 7 days: Detailed response with fix timeline
When contributing:
- Always validate inputs
- Use proper authentication checks
- Follow principle of least privilege
- Test edge cases and error conditions
- Review code for potential vulnerabilities