If you discover a security vulnerability in coreml-native, please report it responsibly. Do not open a public GitHub issue for security vulnerabilities.

Instead, use one of the following methods:

• GitHub Security Advisories: Open a private advisory at https://github.com/robertelee78/coreml-native/security/advisories/new
• Email: Contact the maintainers directly at the email address listed in the repository profile.

• Acknowledgment within 72 hours of your report.
• Assessment and updates within 7 days, including whether the issue is accepted or declined and an estimated timeline for a fix.
• Credit in the release notes if you wish, once the fix is published.

We ask that you allow a reasonable window for a fix before any public disclosure.