Contact Us: Please send your report via email to [[email protected]]. This will ensure that it reaches the right us quickly.

Provide Details: Include as much information as possible about the vulnerability, such as the steps to reproduce it, its potential impact, and any suggestions you have for a fix.

Acknowledgement: We aim to acknowledge receipt of your report ASAP (hopefully within 48 hours)

Communication: We'll keep you updated on our progress. Expect an update at least every 72 hours until the issue is resolved.

Confidentiality: We ask that you keep the issue confidential until we've had a chance to address it. We'll coordinate with you on public disclosure.

Resolution: We'll work diligently to resolve the issue. If your report is accepted, we'll notify you of the resolution and any steps we're taking to prevent similar issues in the future.

Recognition: Contributors who responsibly report vulnerabilities will be acknowledged (if desired) in our public communications about the issue.

Accepted Reports: If we confirm the vulnerability and its impact, we'll work with you to validate and address it.

Declined Reports: If we determine that the report doesn't represent a real vulnerability, or it's not applicable to our project, we'll let you know why.