We take the security of Rendobar and its users seriously. Thank you for helping keep it safe.

Do not open a public issue for security vulnerabilities.

Report privately through one of:

• GitHub's private vulnerability reporting on the affected repository (Security → Report a vulnerability), or
• Email security@rendobar.com with details and reproduction steps.

Please include:

• A description of the vulnerability and its impact
• Steps to reproduce (proof-of-concept if possible)
• Affected component, version, or endpoint

• We aim to acknowledge reports within 3 business days.
• We will keep you updated on our progress as we investigate and remediate.
• We will credit reporters who wish to be acknowledged once a fix ships.

Please give us reasonable time to address an issue before any public disclosure. We do not pursue legal action against good-faith security research that respects user privacy and avoids service disruption.