Security policy for the pakx-web marketing site lives upstream in the main repo: https://github.com/pakxdev/pakx/blob/main/SECURITY.md.

• Report a vulnerability: GitHub Security Advisory (preferred) or security@pakx.dev.
• Public disclosure metadata: https://pakx.dev/.well-known/security.txt
• Scope includes this repo and the pakx-registry backend at registry.pakx.dev.

Please do not file security issues in the public issue tracker.