Skip to content

Security: Cholulaa/claude-code-hardening-skill

Security

SECURITY.md

Security Policy

Reporting a Vulnerability

If you discover a security vulnerability in this skill (e.g., a template that introduces a weakness), please report it responsibly:

  1. Do NOT open a public GitHub issue
  2. Email: create a private security advisory via GitHub Security Advisories
  3. Include: description, affected template/phase, potential impact, and suggested fix

We will respond within 48 hours and publish a fix as soon as possible.

Scope

This policy covers:

  • Configuration templates that could weaken security
  • Missing safety checks that could lock users out
  • Hardening measures that conflict with each other

There aren't any published security advisories