If you discover a security vulnerability in this repository, please report it responsibly.

Do not open a public issue.

Instead, use GitHub's private vulnerability reporting to submit a report with:

• A description of the vulnerability
• Steps to reproduce the issue
• Any potential impact assessment

This policy covers the skills published in this repository and the skill-creator tooling. For vulnerabilities in the Karma platform itself, please refer to the main Karma security policy.

Only the latest version on the main branch is actively supported.