Security

SECURITY.md

Security Policy

Supported Versions

Security fixes are provided for the latest released version.

Reporting a Vulnerability

Please report security issues privately. Do not open public issues for active vulnerabilities.

Include:

Affected version/commit
Reproduction steps
Impact assessment
Suggested remediation (if available)

Use your repository host's private vulnerability reporting flow when available.

Sensitive Data Handling

Never commit access tokens, secrets, or production credentials.
Rotate exposed credentials immediately.
Redact tokens and account IDs from shared logs when possible.

There aren't any published security advisories