Security reports are welcome for:
- repository scripts
- workflow automation
- templates and generated instructions that could cause unsafe behavior
Please do not open public issues for potential vulnerabilities.
Instead:
- Use GitHub Security Advisories for this repository, or
- Contact the maintainer directly with details and reproduction steps.
Include:
- affected file(s)
- impact
- reproduction steps
- suggested mitigation (if known)
- Initial acknowledgment target: within 72 hours
- Triage and severity assessment: as soon as practical
- Fix timeline: based on severity and impact