# Security Policy

## Reporting a Vulnerability

If you discover a security vulnerability in this SDK, **please do not open a public GitHub issue**.

Instead, report it privately:

- **Email:** security@allstak.sa
- **GitHub Security Advisories:** [Report a vulnerability](https://github.com/AllStak/allstak-react/security/advisories/new)

We will acknowledge receipt within 48 hours and aim to release a fix within 14 days for critical issues.

## Supported Versions

We support the latest published version of this SDK. Please update to the latest version before reporting.

## Disclosure Policy

We follow responsible disclosure. Once a fix is released, we will publish a security advisory on GitHub.