If you discover a security vulnerability in any AI Agent Assembly repository, please report it privately by emailing security@agentassembly.dev. Do not open a public GitHub issue or discussion for security issues.

Once we ship v0.1.0, we'll update this table with the supported window (typically the latest minor + one previous).

• We'll acknowledge your report within 72 hours of receipt.
• We'll provide an initial assessment within 7 days.
• We'll work with you on a fix and coordinated disclosure timeline.
• We'll credit you in the release notes for the fixed version, unless you prefer to remain anonymous.

For non-security bugs, please use the regular issue tracker on the relevant repo.