Please report security issues privately by emailing security@reflection.app. Do not open public issues for vulnerabilities.
Include:
- A clear description
- Steps to reproduce
- Potential impact
We aim to acknowledge reports within 3 business days and provide a status update within 7 business days.
This policy covers scripts, prompts, and documentation in this repository.