We take security vulnerabilities seriously. If you discover a security issue in this project, please do not open a public GitHub issue.
Send details to the repository maintainers via mail to: [email protected]
To help us triage and resolve the issue quickly, please include:
- A clear description of the vulnerability
- Steps to reproduce the issue
- The potential impact and attack scenarios
- Any suggested mitigations or fixes (optional)
- Your name/handle if you'd like to be credited in the changelog
This security policy applies to the source code and scripts maintained in this repository. It does not cover:
- Third-party dependencies (report those upstream)
- Your own infrastructure or Azure tenant configuration
- Issues arising from misconfiguration outside the scope of this project
We appreciate the efforts of security researchers and community members who responsibly disclose vulnerabilities. Contributors who report valid issues will be credited in the changelog.