# Security Policy for KeepAm
# https://securitytxt.org/

Contact: mailto:security@keepam.ng
Contact: mailto:hello@keepam.ng
Expires: 2027-12-31T23:59:59.000Z
Preferred-Languages: en
Canonical: https://keepam.ng/.well-known/security.txt
Policy: https://keepam.ng/security-policy
Acknowledgments: https://keepam.ng/security-thanks

# KeepAm takes security seriously. We appreciate responsible disclosure
# of any vulnerabilities that may impact the security of our platform
# or our users' data.
#
# What to report:
# - Authentication/authorization vulnerabilities
# - Data exposure risks
# - Cross-site scripting (XSS)
# - SQL injection
# - Any issue that could compromise user data
#
# Please do NOT:
# - Access or modify other users' data
# - Perform actions that could harm the service
# - Publicly disclose vulnerabilities before we've addressed them
#
# We commit to:
# - Acknowledging receipt within 48 hours
# - Providing regular updates on our progress
# - Crediting you in our security acknowledgments (if desired)