---
name: 🔐 Security Vulnerability
about: Report a security issue (PRIVATE - use email instead)
title: 'DO NOT USE - Email security@evercatch.dev'
labels: security
assignees: ''
---

# ⚠️ STOP - DO NOT USE THIS TEMPLATE

**Security vulnerabilities should NOT be reported publicly.**

Please email us instead: **security@evercatch.dev**

## Why?

Public disclosure of security issues can:
- Put user data at risk
- Allow attackers to exploit the vulnerability
- Violate responsible disclosure practices

## What to Include in Your Email

- **Description** - What is the vulnerability?
- **Steps to Reproduce** - How can we reproduce it?
- **Impact** - What could an attacker do?
- **Proof of Concept** - Code or screenshots (optional)
- **Suggested Fix** - If you have one
- **Your Contact Info** - For follow-up

## Our Commitment

- ✅ Response within 24 hours
- ✅ Updates every 48 hours
- ✅ Credit in security advisories (if desired)
- ✅ Potential bug bounty (for critical issues)

## Security Policy

Read our full security policy: [SECURITY.md](../../SECURITY.md)

---

**Thank you for keeping Evercatch secure!** 🔒