XII Technologies is committed to protecting the integrity and resilience of our systems, libraries, and user-facing APIs. If you believe you have discovered a security vulnerability, we strongly encourage you to report it in a responsible and confidential manner. This allows us to investigate, resolve, and disclose issues thoughtfully and transparently—prioritizing the security of our community and users.

To report a potential vulnerability:

• 📬 Contact us at contact@xiitechnologies.com.
• ⏱️ Expected response time: within 48 hours.
• 🤝 Disclosure policy: We prefer coordinated disclosure and will work with you to define a remediation timeline that aligns with impact severity and downstream dependencies.

When submitting a report, please include:

• A clear and concise description of the vulnerability.
• Steps to reproduce, or a minimal test case (if available).
• The affected component(s) and potential impact.
• Any known workarounds or mitigation strategies.
• Whether you’ve tested the issue against the latest version or commit.

We value responsible disclosure and deeply appreciate security research and collaboration. Valid reports will be acknowledged publicly (with permission) and addressed through patch releases, advisory bulletins, and changelogs.