Do not open a public GitHub issue for security vulnerabilities.
Instead:
- Open a private GitHub Security Advisory, or
- Email
security@graycode.ai
Please include:
- Description of the issue
- Steps to reproduce
- Affected skill or tool (if applicable)
- Your recommended mitigation (if any)
We aim to acknowledge reports within 48 hours.
This policy covers the skill registry, validation tools, and the hawk-community-skills package itself.