If you discover a security vulnerability in the Amigo Python SDK, please report it responsibly.

Email: security@amigo.ai

Please include:

• A description of the vulnerability
• Steps to reproduce the issue
• The SDK version and Python version you are using
• Any potential impact you have identified

• Acknowledgment: Within 48 hours of your report
• Initial assessment: Within 5 business days
• Resolution target: Within 90 days of confirmed vulnerabilities

This policy covers the amigo_sdk Python package. For vulnerabilities in the Amigo API itself, please contact security@amigo.ai directly.

We follow coordinated disclosure. Please do not publicly disclose vulnerabilities until we have issued a fix and confirmed it is safe to do so.