Only the latest release is supported with security updates.

Report security vulnerabilities by email: security@attentionfirst.dev

Do NOT open a public GitHub issue for security vulnerabilities.

Include the following in your report:

• Description
• Steps to reproduce
• Affected version
• Potential impact

Expected response time:

• Acknowledgment within 48 hours
• Assessment within 7 days

We follow coordinated disclosure with a 90 day window.