If you believe you have found a security vulnerability in UtilityWise UAE, please report it responsibly:

• Do not open a public issue.
• Email the maintainers (see repository owner/organization for contact) with a description of the issue and steps to reproduce.
• Allow time for a fix before disclosing publicly.

We will acknowledge receipt and work with you to understand and address the issue.

• This applies to the open-source code in this repository (Laravel app, Python AI service, Docker setup).
• Bill data and user data are intended to stay on the user’s machine or self-hosted instance; any design or code that would send such data to third parties without consent is in scope.

We recommend using tagged releases and updating dependencies regularly (composer update, pip install -U -r requirements.txt).