Thank you for helping keep the Strutton Technologies ecosystem secure.
We take security seriously and appreciate responsible disclosures.
If you believe you have found a security vulnerability, do not open a public issue.
Instead, please report it privately:
📧 security@struttontechnologies.com
(Replace with your actual security inbox when ready.)
Please include:
- A clear description of the issue
- Steps to reproduce
- Potential impact
- Any proof‑of‑concept code
- Your recommended fix (optional)
We will acknowledge receipt within 48 hours and provide updates as we investigate.
We provide security updates for:
- Main branch (active development)
- Latest release tag (e.g.,
v1.x.x)
Older versions may not receive patches unless the issue is severe.
We ask that you:
- Do not publicly disclose the issue before we have addressed it
- Do not exploit the vulnerability
- Do not access or modify data you do not own
- Do not perform destructive testing
- Give us reasonable time to investigate and patch the issue
We will:
- Confirm the vulnerability
- Provide a fix or mitigation
- Credit you (if desired)
- Communicate timelines clearly
This policy applies to:
- All Strutton Technologies repositories
- STP Toolkit scripts
- .NET 10 codebases
- GitHub Actions workflows
- Documentation and configuration files
If you are unsure whether something qualifies as a security issue, contact us privately and we will help evaluate it.
Thank you for helping keep our ecosystem safe.