Use this section to tell people about which versions of your project are currently being supported with security updates.

We take the security of our software seriously. If you believe you have found a security vulnerability in the Copilot Coding Agent Orchestrator, please report it to us as described below.

Please do not report security vulnerabilities through public GitHub issues.

If you believe you have found a security vulnerability, please report it by emailing kehsi.dow@gmail.com.

Please include the following details in your report:

• Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
• Full paths of source file(s) related to the manifestation of the issue
• The location of the affected source code (tag/branch/commit or direct URL)
• Any special configuration required to reproduce the issue
• Step-by-step instructions to reproduce the issue
• Proof-of-concept or exploit code (if possible)
• Impact of the issue, including how an attacker might exploit the issue

• We will investigate and respond to all reports.
• We will fix vulnerabilities as soon as possible.
• We ask that you do not publicly disclose the issue until we have had a chance to fix it.

We will credit you for your discovery in our release notes and security advisories, unless you prefer to remain anonymous.