We take data security, privacy, and responsible disclosure seriously. Use this guide to report issues or concerns.

Report the following:

• Exposed credentials, API keys, or private dataset links within this repository.
• License compliance issues that could impact dataset authors.
• Vulnerabilities in tooling (scripts, workflows) that may lead to data corruption or remote code execution.

Out of scope:

• Dataset-specific vulnerabilities that must be reported directly to the dataset owners.
• General feature requests or documentation gaps (use GitHub Issues instead).

1. Use GitHub Security Advisories to report vulnerabilities privately.
2. Alternatively, email the maintainers at wenxuan@cyberautonomy.dev with a detailed description, reproduction steps, and potential impact.
3. If you cannot use GitHub advisories, open a private issue or email.

We will acknowledge receipt within 72 hours and provide an estimated remediation timeline. Please do not create public issues for security concerns.

We appreciate coordinated disclosure. Do not share vulnerability details publicly until a fix is released or we agree on disclosure timing.