If you believe you have found a security vulnerability in any Ada Anvil product or service, please do not open a public issue.

Instead, email your findings to security@ada-anvil.io.

Include as much of the following as possible:

• A description of the vulnerability and its potential impact.
• Steps to reproduce or a proof of concept.
• The affected product or service.
• Your contact information for follow up.

We will acknowledge your report and work with you to understand and address the issue before any public disclosure.

This policy applies to all products and services maintained by Ada Anvil.

We ask that you give us reasonable time to investigate and address any reported vulnerability before disclosing it publicly. We are committed to resolving confirmed issues promptly and will coordinate disclosure with you.