Security Policy

Reporting a Vulnerability

If you discover a security vulnerability in this GitHub Action, please report it responsibly.

Do not open a public issue.

Instead, email security@prodcycle.com with:

A description of the vulnerability
Steps to reproduce
Potential impact

We will acknowledge your report within 2 business days and aim to provide a fix within 7 days for critical issues.

Scope

This policy covers the prodcycle/actions GitHub Actions code. For vulnerabilities in the ProdCycle API or platform, please report those separately at prodcycle.com/security.

API Key Security

Never commit your pc_ API key to source code
Always use GitHub encrypted secrets to store your ProdCycle API key
The action automatically masks the API key in workflow logs

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Security

SECURITY.md

Security Policy

Reporting a Vulnerability

Scope

API Key Security

There aren’t any published security advisories

Security: prodcycle/actions

Security

SECURITY.md

Security Policy

Reporting a Vulnerability

Scope

API Key Security

There aren’t any published security advisories