ScienceSwarm currently supports security fixes on the latest main branch. Older branches and stale worktrees are not supported.

Do not open a public GitHub issue for a suspected security problem.

Preferred paths:

1. Use GitHub private vulnerability reporting / Security Advisories for this repository.
2. Email security@scienceswarm.ai with:
   • affected commit or branch
   • reproduction steps
   • impact
   • any suggested mitigation

Please avoid posting proof-of-concept exploits or secret material in public.

• We will acknowledge receipt as soon as practical.
• We will validate the report, determine severity, and decide whether the fix lands on main directly or through a private patch flow.
• Once a fix is ready, we may ask you to confirm the issue is resolved before coordinated public disclosure.