Security fixes target the main branch until the docs portal publishes
versioned releases.
Use GitHub private vulnerability reporting for this repository when available:
https://github.com/knowledge-bridge-labs/llmwiki-docs/security/advisories/new.
If private vulnerability reporting is unavailable, open a public issue only to request a private security contact path, then stop. Do not include exploitable details, real credentials, bearer tokens, private endpoint URLs, exported private content, raw sensitive logs, local environment files, screenshots, or proof-of-concept payloads in a public issue, pull request, or discussion.
Maintainers should acknowledge private reports within 7 calendar days and provide a remediation plan, mitigation, or status update as soon as practical.
This policy covers documentation and workflows that could lead users to expose credentials, private endpoints, private wiki content, runtime tokens, or sensitive logs. Vulnerabilities in the server, chat client, or bridge should be reported in the affected repository when the issue is specific to that code.