If you discover a security vulnerability in this package, please report it responsibly.

Do NOT open a public GitHub issue.

Instead, email dpo@macpaw.com with:

• Description of the vulnerability
• Steps to reproduce
• Potential impact
• Suggested fix (if any)

We will acknowledge receipt within 2 business days and aim to provide a fix or mitigation plan within 7 business days.

This policy covers the @macpaw/ai-sdk npm package and its published artifacts. Third-party dependencies are outside of scope but will be triaged if reported.