At [Repository Name], we take security seriously. We encourage responsible disclosure of any vulnerabilities you may find. Thank you for helping keep our project secure!
To report a security vulnerability, please contact us directly at [contact email address]. Please do not file a public issue, as we need to provide a fix before disclosing the vulnerability publicly.
When reporting the vulnerability, please provide:
- A detailed description of the vulnerability and the potential impact
- Steps to reproduce the vulnerability
- Possible solutions or mitigations
We will work with you to validate and fix the vulnerability. We appreciate your help in making our project as secure as possible.
We will do our best to:
- Respond promptly to your report
- Validate and reproduce your report, if possible
- Notify you of our response, including the remediation timeline
- Provide credit to those who report valid vulnerabilities
This security policy only applies to vulnerabilities found within [Repository Name]. We are not responsible for vulnerabilities in third-party libraries or applications.
This security policy is adapted from the GitHub Security Policy, available under Creative Commons Attribution-ShareAlike license.