Confidential vulnerability reporting currently works by embedding text encrypted to the OpenPGP key, in GnuPG ASCII armor, in the body of the standard issue template for security vulnerabilities under the Issues tab. This is explained in the Reporting a vulnerability section.

| Version | Supported |
|---|---|
| all | ✅ |

- Go to Issues
- Create a new issue and choose the "Security Vulnerability" template
- Add a non-revealing title to the issue or keep the default entry
- On your local PC, write an .md file or any other .txt file and encrypt it to the OpenPGP key after importing the key:

  ```
  gpg --keyserver keys.openpgp.org --recv-keys 57CA87DDE11190DEA2446B4755D979432731D4EE
  cat vulnerability_description.txt | gpg --encrypt --armor --recipient 57CA87DDE11190DEA2446B4755D979432731D4EE
  ```
- The output should be ASCII-armored encrypted text that can be copied into the issue description section.
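
The steps above wrapped in POSIX shell, as an added example that is not part of the original page or the project's tooling: it confirms the keyring holds a key with the fingerprint listed here before encrypting, and checks that the file to be pasted contains only an armored message with no plaintext around it. The function names, the `report.asc` output name and the `--trust-model always` choice are assumptions.

```shell
# Added example, not project code. Function names are hypothetical.
FPR=57CA87DDE11190DEA2446B4755D979432731D4EE   # fingerprint given on this page

# True only if the local keyring holds a key whose fingerprint is exactly $FPR.
key_present() {
    gpg --batch --with-colons --list-keys "$FPR" 2>/dev/null |
        awk -F: -v want="$FPR" '$1 == "fpr" && $10 == want { ok = 1 } END { exit !ok }'
}

# Encrypt file $1 to $FPR and write the ASCII-armored result to file $2.
encrypt_report() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 1; }
    key_present || gpg --keyserver keys.openpgp.org --recv-keys "$FPR" || return 1
    key_present || { echo "keyring has no key with fingerprint $FPR" >&2; return 1; }
    # The recipient is pinned by full fingerprint, so skip the ownertrust prompt.
    gpg --batch --yes --trust-model always --encrypt --armor \
        --recipient "$FPR" --output "$2" "$1"
}

# Pre-paste check of the armor framing only (the payload is not decoded):
# exactly one PGP MESSAGE block and no non-blank text outside it.
is_armored_message() {
    awk '
        { sub(/\r$/, "") }
        /^-----BEGIN PGP MESSAGE-----$/ { if (state != 0) bad = 1; state = 1; begins++; next }
        /^-----END PGP MESSAGE-----$/   { if (state != 1) bad = 1; state = 2; next }
        state != 1 && NF                { bad = 1 }
        END { exit !(begins == 1 && state == 2 && !bad) }
    ' "$1"
}

# Usage: encrypt_report vulnerability_description.txt report.asc &&
#        is_armored_message report.asc && cat report.asc
```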