If you discover a security vulnerability, please report it by emailing [email protected].

Please do not report security vulnerabilities through public GitHub issues.

• Description of the vulnerability
• Steps to reproduce
• Potential impact
• Suggested fix (if any)

• Initial response: Within 48 hours
• Status update: Within 7 days
• Resolution: Varies based on complexity

• Keep dependencies updated
• Use environment variables for sensitive data
• Enable proper authentication and authorization
• Validate all inputs
• Use HTTPS in production