If you discover a security vulnerability in this project, please report it responsibly.

Do NOT open a public GitHub issue for security vulnerabilities.

Instead, please send an email to the project maintainers with:

1. A description of the vulnerability
2. Steps to reproduce the issue
3. Any potential impact
4. Suggested fix (if you have one)

• Acknowledgement within 48 hours of your report
• Status update within 5 business days
• Resolution timeline shared once the issue is confirmed

We appreciate your help in keeping React Native Web Playground and its users safe. Contributors who report valid security issues will be acknowledged in our release notes (unless they prefer to remain anonymous).

• Never commit secrets, API keys, or credentials
• Use environment variables (.env) for sensitive configuration
• Keep dependencies up to date — run npm audit regularly
• Review the .gitignore to ensure sensitive files are excluded