# Security Policy

## Reporting a Vulnerability

If you believe you have found a security vulnerability in RaTeX, please report it privately.

- **Preferred**: open a GitHub Security Advisory (Repository → Security → Advisories).
- If that is not possible, email the maintainers via the contact method listed in the repository profile.

Please include:

- A clear description of the issue and potential impact
- Steps to reproduce (proof-of-concept if possible)
- Affected versions / commit SHA
- Any suggested mitigation

## Disclosure Process

After receiving a report, maintainers will:

- Acknowledge receipt and begin triage
- Work on a fix and coordinate a release
- Publish an advisory when appropriate