If you believe you have found a security vulnerability, do not open a public GitHub issue.
Report it privately:
- Email: security@techofourown.org
Include:
- A clear description of the issue
- Impact (what an attacker could do)
- Reproduction steps or a proof-of-concept if available
- Affected repo(s), versions, and environments
We will:
- acknowledge receipt as soon as we can
- work to assess severity and scope
- coordinate a fix and disclosure plan
We aim to handle reports respectfully and in good faith.
This policy applies to all repositories in the techofourown GitHub organization.