If you discover a security issue in Cadence, please do not open a public issue first.
Instead, contact the maintainer privately with:
- a short description of the issue
- affected area
- reproduction steps
- possible impact
Please also include whether the issue involves:
- authentication
- secrets or environment variables
- payments
- user data
- model-service endpoints
I will review the report and coordinate a fix before public disclosure when appropriate.