# Security Policy

## Reporting Security Vulnerabilities

**Please do not report security vulnerabilities through public GitHub issues.**

If you discover a security vulnerability, please report it by emailing [{{securityEmail}}](mailto:{{securityEmail}}).

Please include the following information in your report:

- Description of the vulnerability
- Steps to reproduce the issue
- Affected versions
- Potential impact
- Any suggested fixes (if available)

## Response Timeline

We will acknowledge your report within **3 business days** and provide a detailed response within **7 business days** indicating the next steps in handling your report.

We will keep you informed of the progress towards a fix and may ask for additional information or guidance.

## Security Updates

Security updates will be released as soon as possible after a fix is available. We recommend keeping your installation up to date with the latest releases.

{{#if supportedVersions}}
## Supported Versions

{{supportedVersions}}
{{/if}}

## Security Best Practices

When using {{projectName}}, we recommend:

- Keep the software updated to the latest version
- Follow the principle of least privilege
- Review and audit your configurations regularly
{{#if additionalSecurityGuidance}}
- {{additionalSecurityGuidance}}
{{/if}}

Thank you for helping to keep {{projectName}} and our users safe!