Contact: mailto:support@cloudraft.app
Expires: 2027-05-24T00:00:00.000Z
Preferred-Languages: en
Canonical: https://cloudraft.app/.well-known/security.txt
Policy: https://cloudraft.app/privacy

# How to report a security issue with CloudRaft:
#
# 1. Email support@cloudraft.app with "SECURITY:" in the subject line.
# 2. Include reproduction steps if you can.
# 3. We'll acknowledge within 24 hours and aim to fix within 7 days
#    for high/critical, or coordinate a longer timeline for complex
#    issues.
# 4. We don't currently run a bug bounty program but we'll publicly
#    credit responsible reporters on request.
#
# CloudRaft's full threat model + scope is in docs/architecture/security.md
# in the repository (not yet public).