Please report suspected vulnerabilities privately through GitHub:

• Open the repository Security tab
• Click Report a vulnerability
• Submit details through GitHub Private Vulnerability Reporting

Do not open public issues for security vulnerabilities.

Please include:

• affected version/tag or commit
• vulnerable file/path and rule or behavior impacted
• reproduction steps and proof of concept
• impact assessment and any suggested mitigation

AIShield maintainers aim to:

• acknowledge new reports within 72 hours
• provide an initial assessment within 7 days
• coordinate remediation and disclosure timing with the reporter

After a fix is available, maintainers may publish:

• a changelog entry
• release notes with impact summary
• migration or mitigation guidance when needed