diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 000000000..47fae60ff --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,7 @@ +# Security Policy + +## Reporting a Vulnerability + +To report a security issue, please email `skylot@gmail.com` with a description of the issue, the steps you took to create the issue, affected versions, and, if known, mitigations for the issue. +We will check and respond within 3 working days. If the issue is confirmed as a vulnerability, we will apply required mitigations at the next release. +This project follows a 90 day disclosure timeline.