This repository is an independent fork of github/spec-kit and is not affiliated with GitHub. Please report security issues for this fork via the channels below.
Do not report security vulnerabilities through public issues, discussions, or pull requests.
Preferred reporting paths:
- GitHub Security Advisories for this repository (Security tab → “Report a vulnerability”)
- If that is unavailable, open a private contact request with the maintainer via the repository profile
Please include:
- Clear description of the issue and potential impact
- Steps to reproduce (including environment details)
- Affected files/paths and commit/tag references
- Proof-of-concept if available
If a vulnerability affects upstream (github/spec-kit), the maintainer will coordinate with upstream maintainers as appropriate.