If you discover a security vulnerability in PromptGuard, please report it responsibly.

Email: security@promptguard.co

Please include:

• Description of the vulnerability
• Steps to reproduce
• Potential impact

We will acknowledge your report within 48 hours and aim to provide a fix within 7 days for critical issues.

• Dependencies are monitored via Dependabot alerts and weekly version updates
• All PRs require CI to pass before merge
• Secrets are never committed to the repository