The Intugle team takes security vulnerabilities seriously. We appreciate your efforts to responsibly disclose your findings, and we will make every effort to acknowledge your contributions.

We are committed to providing security updates for the following versions:

If you discover a security vulnerability, please report it to us privately. Do not create a public GitHub issue.

We encourage you to report vulnerabilities using one of the following methods:

1. GitHub Private Vulnerability Reporting: The preferred method is to use the private vulnerability reporting feature on GitHub. This ensures your report is delivered directly to the security maintainers.

2. Email: If you prefer, you can send an email to hello@intugle.ai

When reporting a vulnerability, please include the following details:

• A clear and concise description of the vulnerability.
• The version of the project affected.
• Steps to reproduce the vulnerability, including any proof-of-concept code.
• The potential impact of the vulnerability.
• Any potential mitigations or workarounds.

When you report a vulnerability to us, we commit to:

• Acknowledging receipt of your report in a timely manner.
• Providing you with an estimated timeline for addressing the vulnerability.
• Keeping you informed of our progress.
• Crediting you for your discovery once the vulnerability is resolved, unless you prefer to remain anonymous.

We will not take any legal action against you for discovering and reporting security vulnerabilities in good faith and in accordance with this policy.