# Security

We are aware that running mods with the `BrowserClient` interface can be unsafe because of how NodeJS and V8 handle non-sanitized mod code within an emulated environment.

It is essential to only execute mod code from trusted sources or thoroughly verify the code's safety before passing it to a `BrowserClient` instance.

## Reporting Security Issues
**Please do not report security vulnerabilities through public GitHub issues.**

If you identify any issues that could be resolved through improved code logic or dependencies (excluding the VM library), please submit a report detailing the problem and your proposed solutions using any of the contact methods listed below:
- [Repository Security Advisories Form](https://github.com/Bhpsngum/starblast-modding/security/advisories/new)
- Email: <bhpsngumproductions@gmail.com>
- Discord \@bhpsngum
- [Google Form](https://forms.gle/nmTLSR62abvwT9z86)


When submitting a report, make sure to include these information:
- Detailed description of the issue
- Steps to reproduce (if any)
- Proposed solution to the said issue
- Attachments of your Proof of Concept (PoC) (optional)

## Preferred languages
We prefer all communications to be in English.