We take security vulnerabilities seriously. If you discover a security issue, please report it to us responsibly through GitHub's private vulnerability reporting system.
- Navigate to the Security tab in this repository
- Click on "Advisories"
- Select "Report a vulnerability"
- Complete the vulnerability report form
- Response Time: We will acknowledge your report within 3 business days
- Assessment: Our team will investigate and validate the reported issue
- Updates: You'll receive regular progress updates
- Resolution: We will work to address valid vulnerabilities and coordinate disclosure
This policy applies to all repositories under our organization that contain a SECURITY.md file.
Please do not report security vulnerabilities through public GitHub issues, discussions, or other public channels.