Responsible Disclosure

How to report

Report potential security issues to [email protected]. Include reproducible steps, impact summary, and affected endpoints or workflows.

Response targets

• Acknowledgment target: within 3 business days
• Triage target: as quickly as practical based on severity and reproducibility
• Status updates: provided for materially impactful issues while remediation is in progress

Scope and expectations

• Do not attempt destructive testing, denial of service, or social engineering.
• Do not access data that does not belong to you.
• Provide enough detail to let us reproduce and resolve the issue quickly.