This project is RTL hardware IP and simulation tooling. Security concerns are primarily relevant to:

• Supply chain integrity of HDL toolchain dependencies
• Malicious netlists or synthesis scripts injected via contributions
• Unsafe TCL/Python scripts in the scripts/ and sim/ directories

If you discover a security issue (e.g., a script that executes arbitrary code, a malicious dependency, or a backdoor in synthesized logic):

1. Do not open a public GitHub issue.
2. Email the maintainer at: sanskaarundale@gmail.com
3. Include a description of the vulnerability and steps to reproduce.

You will receive a response within 7 days. If the issue is confirmed, a fix will be prioritized and a patched release will be made as soon as possible.

• Always review scripts before running them in your environment.
• Pin tool versions when using the provided run_all.sh / run_all.ps1 scripts.
• Do not run untrusted .sv files through synthesis without reviewing them first.