Security reports are accepted for:
- Bootstrap scripts under
scripts/bootstrap/ - Installer entrypoint
install-macos.sh - Configuration and policy files in this repository
Please do not open public issues for security vulnerabilities.
Report privately via email:
danilsilantyevwork@gmail.com
Include:
- Affected file and command path
- Reproduction steps
- Security impact
- Suggested fix (optional)
- Initial response target: within 72 hours
- Triage and remediation plan: as soon as impact is confirmed
- Public disclosure: after fix is available or mitigations are documented