If you discover a security issue, please report it responsibly.
Do NOT create a public GitHub issue for security vulnerabilities. Instead:
- Email: Contact magnus@botwork.se directly
- GitHub Security Advisories: Use Private vulnerability reporting
We aim to respond within 48 hours and provide a timeline for the fix.
- Prove compiler vulnerabilities
- Runtime security issues
- Standard library security flaws
- Social engineering
- Physical security
- Denial of service (unless trivially exploitable)
For automated security contact discovery, see .well-known/security.txt.