# Security Policy

 ## Supported Versions

 | Version | Supported |
 |---------|-----------|
 | Latest  | Yes       |

 ## Reporting a Vulnerability

 If you discover a security vulnerability in prompts.chat, please report it responsibly.

 **Do NOT open a public GitHub issue for security vulnerabilities.**

 Instead, please report vulnerabilities by emailing **security@prompts.chat**.

 Include the following in your report:

 - Description of the vulnerability
 - Steps to reproduce
 - Potential impact
 - Suggested fix (if any)

 ## CVE Coordination

 We coordinate the CVE identification and disclosure process with the GitHub Security team. Confirmed
  vulnerabilities will be tracked through GitHub Security Advisories, and CVE IDs will be requested
 and assigned as appropriate.

 ## Scope
 The following are **out of scope**:

 - Denial of service attacks
 - Social engineering
 - Issues in third-party dependencies (report these upstream)
 - Attacks requiring physical access

 ## Disclosure Policy

 We ask that you give us reasonable time to address the issue before any public disclosure. We are
 committed to working with security researchers and will credit reporters (unless anonymity is
 preferred) once the issue is resolved.

 ## Thank You

 We appreciate the security research community's efforts in helping keep prompts.chat and its users
 safe.