# Security Policy

## Reporting a Vulnerability

If you discover a security vulnerability, **please do not open a public issue**. This allows time to investigate and release a fix before the issue is publicly disclosed.

Report vulnerabilities by email to: **contact@riguetto.dev**

Include in your report:
- Description of the vulnerability
- Steps to reproduce
- Potential impact

You can expect a response within 72 hours. Once the issue is confirmed, a fix will be prioritized and a patched release will be made available before any public disclosure.