# Security Policy

## Reporting a Vulnerability

Please report suspected vulnerabilities through GitHub Security Advisories for this repository:

- <https://github.com/final-run/finalrun-agent/security/advisories/new>

Do not open public GitHub issues for security-sensitive reports.

When submitting a report, include:

- a clear description of the issue
- affected versions or commit ranges when known
- reproduction steps or proof-of-concept details
- impact assessment, if available

We will acknowledge valid reports as quickly as possible, investigate privately, and coordinate disclosure when a fix is available.

## Supported Versions

| Version | Supported |
| --- | --- |
| `0.1.x` | Yes |
| `<0.1.0` | No |