If you discover a security vulnerability, please report it responsibly.

Do not open a public issue.

Instead, email natjiks@gmail.com with:

• A description of the vulnerability
• Steps to reproduce
• Potential impact
• Suggested fix (if any)

You should receive an acknowledgment within 48 hours. We will work with you to understand the issue and coordinate a fix before any public disclosure.

This policy covers the core redcon package and its published Docker image. Third-party plugins and integrations are outside scope unless bundled in this repository.