We take security seriously. If you discover a security vulnerability in this project, please follow these guidelines.

Reporting a security vulnerability

• Preferred: Create a private GitHub Security Advisory for this repository (recommended) or open a private issue marked "security".
• If private reporting is not available, send an email with full details to: nuekkis@outlook.com (replace with an appropriate contact) — we will respond promptly.

What to include

• A clear description of the vulnerability.
• Steps to reproduce (minimal repro if possible).
• Versions affected (OS, .NET SDK, app version).
• Any exploit PoC or sample code (if safe to share).

Response process

• We'll acknowledge receipt within 48 hours.
• We will coordinate a fix and provide an expected timeline.
• Once fixed, we will work with you on disclosure (coordinated disclosure is preferred).

Third-party dependencies

• If a vulnerability is in a third-party library, we will follow the library's responsible disclosure process and update dependency versions as needed.

No bounty / legal

• This repo does not promise any bounty. By reporting, you are not granting us any rights beyond what is necessary to address the issue.