This repository is actively maintained on the default branch.

Please do not open public issues for vulnerabilities.

Instead, report responsibly with:

• Affected component(s)
• Reproduction steps
• Impact assessment
• Proposed mitigation (if available)

Send reports to: security@zlinebot.example (replace with your actual security mailbox).

• Initial acknowledgement: within 72 hours
• Triage update: within 7 days
• Remediation plan: as soon as severity is confirmed

• Rotate generated secrets before production go-live.
• Keep Docker base images and host OS patched.
• Restrict exposed network surfaces to required ports only.
• Enable HTTPS with trusted certificates.

• Revalidated the security reporting process and response expectations section.
• Audit scope: repository-wide markdown and operational-documentation verification pass.