Please do NOT open a public GitHub issue for security vulnerabilities.

If you discover a security vulnerability in PrepIQ, please report it responsibly by emailing the maintainer directly via the contact on their GitHub profile.

• Clear description of the vulnerability
• Steps to reproduce the issue
• Potential impact assessment
• Suggested fix (optional)

• Acknowledgement within 48 hours
• Status update within 7 days
• Credit in release notes if desired

• Never commit .env files or real API keys
• Use .env.example for sharing environment variable names
• Never hardcode secrets in source code

Thank you for helping keep PrepIQ secure! 🔒