If you discover a security vulnerability in Xscriptor JetBrains (including themes, UI modifications, or resource configurations), please report it responsibly via email to:

Email: x@xscriptor.com

Do not open public GitHub issues for security vulnerabilities. Private disclosure allows us to fix the issue before it can be exploited.

When reporting a security issue, please provide:

1. Description — A clear explanation of the vulnerability.
2. Type — The category of the issue (e.g., configuration injection, sensitive data exposure, etc.).
3. Steps to Reproduce — Detailed steps or a Proof of Concept (PoC) to trigger the vulnerability.
4. Impact — How severe is the issue? What could an attacker achieve?
5. Affected Component — Which specific theme pack or resource is affected?

• Confidentiality — Do not disclose the vulnerability publicly until a fix is released.
• Patience — Please give the maintainers reasonable time to address the issue before public disclosure.
• Response Time — We aim to acknowledge receipt within 7 days.

While these resources are designed to be safe, please keep these recommendations in mind:

• Stay updated — Always use the latest version of the themes and configurations available in this repository.
• Verify IDE Settings — When importing settings or themes, ensure you understand the changes being made to your JetBrains IDE core.
• Configuration Privacy — Be cautious when sharing your IDE export files if they contain sensitive file paths or tokens.
• Trusted Sources — Only apply UI modifications and themes from the official Xscriptor repository.