Security Policy

Last updated: 2026-02-16

We use layered controls such as verification checks, moderation workflows, and abuse monitoring. These controls reduce risk but do not guarantee complete prevention.

1. Reporting Vulnerabilities

If you discover a potential vulnerability, please report it with reproduction steps, impact details, and affected URLs or package IDs.

2. Responsible Disclosure

We ask reporters to avoid public disclosure until mitigation is available, avoid accessing unnecessary data, and avoid actions that harm users or service availability.

3. Incident Response

We triage reports, apply containment measures, and may disable affected listings or accounts while remediation is in progress.

4. User Safety Recommendations

Review requested permissions carefully, run software with least privilege, and verify publisher reputation and update history before use.

5. Security Contact

Security reports: Contact us