I take the integrity of every product I build seriously. If you find a vulnerability, I want to know about it and I will act on it quickly.
Report security issues privately. Do not open a public issue.
Reach me at security@omrajguru.com or through omrajguru.com/contact.
Include:
- A clear description of the vulnerability
- The steps required to reproduce it
- The potential impact as you understand it
- Any relevant logs, screenshots, or proof of concept
The more specific your report, the faster I can respond.
I will acknowledge your report within 48 hours. I will keep you informed as I investigate and resolve the issue. I will let you know when a fix is live.
I handle every report with discretion. Your report and identity stay private.
This policy covers all repositories and products under this org, both current and future.
I ask that you give me reasonable time to investigate and fix the issue before sharing it publicly. I will work as fast as I can. In return, I will be transparent with you throughout the process.
If you act in good faith and follow this process, I will do the same.