Please do not report security vulnerabilities through public GitHub issues.

Report suspected vulnerabilities privately through GitHub's private vulnerability reporting for this repository: open the Security tab and choose Report a vulnerability (https://github.com/nvsecurity/nightvision-mcp/security/advisories/new). This delivers the report directly to the maintainers and keeps the details confidential until a fix is available.

When reporting, please include:

• A description of the issue and its impact
• Steps to reproduce or a proof of concept
• The affected version, commit, or configuration
• Any suggested remediation, if known

• We will acknowledge the report and begin investigating.
• We will keep you informed of progress toward a fix.
• We ask that you give us a reasonable opportunity to remediate before any public disclosure.

This policy covers the nightvision-mcp server in this repository. The latest commit on the default branch is the supported version. The NightVision CLI, API, and other products are tracked separately.