We take security seriously. If you discover a security vulnerability, please report it responsibly.

Please DO NOT open a public GitHub issue for security vulnerabilities.

Instead, please send an email to soundbrokaz@kakao.com with:

• A description of the vulnerability
• Steps to reproduce the issue
• Potential impact assessment
• Any suggested fixes (if applicable)

• Acknowledgment: Within 48 hours of receiving your report
• Initial Assessment: Within 7 days
• Resolution Target: Depends on severity, typically within 30 days

We follow a coordinated disclosure process:

1. Reporter submits vulnerability privately
2. We acknowledge and assess the report
3. We develop and test a fix
4. We release the fix and publish a security advisory
5. Reporter is credited (unless they prefer anonymity)

Security updates will be released as patch versions and announced via:

• GitHub Security Advisories
• Release notes in CHANGELOG.md

Thank you for helping keep leonidas and its users safe!