Security

SECURITY.md

Security Policy

Scope

This repository is documentation-only. The main security risks are:

incorrect public/private surface claims
leaked tokens, secrets, or screenshots
stale links that point to sensitive or internal systems

Supported versions

main
the latest tagged documentation release, if present

Reporting a vulnerability

Please use GitHub's private security advisory flow for this repository.

Do not open a public issue for:

credential leakage
access-control mistakes
hostnames or routes that should not be public

What to include

affected file or URL
evidence of the issue
impact and scope
whether the surface is public, gated, or internal/unverified

Response expectation

We will triage documentation security reports as soon as practical and update the registry or docs canon when needed.

There aren’t any published security advisories