# Security Policy

**Organization**: [0xbow](<https://0xbow.io/>)

## Reporting a Vulnerability
If you discover a security vulnerability, please **do not** open a public issue. Instead, report it by emailing our security team at [security@0xbow.io](<mailto:security@0xbow.io>).

Please provide as much detail as possible, including:
- Steps to reproduce the vulnerability
- Any relevant code, logs, or screenshots
- A description of the potential impact

We take all security vulnerabilities seriously. Once we receive your report, we will:
1. **Acknowledge** receipt as soon as possible.
2. **Investigate** the issue and determine the impact.
3. **Prepare a fix**, if necessary, and plan for disclosure.
4. **Offer a bounty**, in case it applies.

## Disclosure Policy
We aim to publicly disclose vulnerabilities only after we have:
1. Confirmed the vulnerability and developed patches or mitigations.
2. Coordinated with the person or team who reported the vulnerability.
3. Deployed solutions or made a fix available.

We are grateful for the community’s contributions to maintaining the security of our projects and appreciate responsible disclosure of vulnerabilities.

## Contact
For general questions or comments about security, feel free to email [security@0xbow.io](<mailto:security@0xbow.io>).