If you discover a security vulnerability in Foundry, please report it privately rather than opening a public issue.

Email: tom.barry@signalandpattern.com

Please include:

• A description of the vulnerability.
• Steps to reproduce, or a proof-of-concept.
• Affected versions (if known).
• Any mitigation you have already identified.

We will acknowledge receipt within a reasonable timeframe and work with you on coordinated disclosure.

Security fixes are applied to the latest released version. Older versions are supported on a best-effort basis.

We follow responsible disclosure practices. Please do not publicly disclose the vulnerability until we have had reasonable time to investigate and release a fix.