Do NOT open a public GitHub Issue for security vulnerabilities.

If you discover a security issue on alacraft.day, please report it privately:

1. Discord (preferred) — join discord.gg/QbSEPbGA8u and send a direct message to a moderator
2. Twitter / X — send a DM to @alacraftday

• Description of the vulnerability
• Steps to reproduce
• URL or page where the issue occurs
• Potential impact

• We aim to acknowledge your report within 48 hours
• We will investigate and keep you informed of our progress
• We will credit you in the fix notes if you wish

Thank you for helping keep AlaCraft and its community safe.