# Security Policy

## Reporting a Vulnerability

If you discover a security vulnerability in Hyperframes, please report it responsibly.

**Do not open a public GitHub issue for security vulnerabilities.**

Instead, open a [GitHub Security Advisory](https://github.com/heygen-com/hyperframes/security/advisories/new) with:

- A description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)

We will acknowledge receipt within 48 hours and aim to provide a fix or mitigation plan within 7 days.

## Supported Versions

| Version | Supported |
| ------- | --------- |
| 0.x     | Yes       |

## Scope

This policy applies to all packages in the `@hyperframes/*` npm scope and the code in this repository.