We take security seriously and appreciate responsible disclosures.

We generally support the latest release of Hugo Blox modules and starters. Security fixes may be backported at the maintainers' discretion.

• Do not open a public issue.
• Instead, open a private GitHub Security Advisory for this repository (Security tab → Report a vulnerability).
• If you cannot access advisories, email the maintainers via the repository's contact links on GitHub.

Please include:

• A clear description and minimal reproduction
• Impact assessment and potential exploit scenario
• Suggested remediation, if known

We will acknowledge receipt within 72 hours and keep you updated.

• This repository and official Hugo Blox modules/starters
• Third-party templates and plugins are out of scope

Thank you for helping keep the community safe.