We release security updates for the current major version. The following are currently supported:

If you believe you have found a security vulnerability in this project (e.g. in the methodology, tooling, or documentation that could lead to incorrect security conclusions), please report it responsibly:

1. Do not open a public issue for security-sensitive findings.
2. Open a private security advisory on GitHub, or contact the maintainers via the method listed in the repository description / org profile.
3. Include a clear description, steps to reproduce (if applicable), and impact.

We will acknowledge your report and work with you to understand and address the issue. We appreciate responsible disclosure and will credit reporters (with permission) when the issue is resolved.

Note: This repository contains AI agent skills and reference documentation for smart contract security auditing. It does not run executable code or handle user data. Vulnerabilities here would typically relate to incorrect or misleading guidance that could cause auditors to miss real bugs in contracts they analyze.