If you believe you have found a security issue in SentinelAudit or any public component we publish, please report it privately.
- affected component or file path
- impact summary
- reproduction steps
- proof-of-concept if available
- any assumptions required for exploitation
- disclose vulnerabilities publicly before coordination
- include secrets, tokens, or customer data in public issues
Some parts of SentinelAudit remain private product infrastructure. A public repository or extracted public package may not include all production controls or internal hardening layers. Reports are still welcome, but please note which public artifact or commit your finding applies to.