If you believe you have found a security issue in ShadowScan:
- Do not open a public issue with secrets, tokens, or sensitive target data.
- Prefer using GitHub Security Advisories ("Report a vulnerability") on the repository.
If Security Advisories are not available, open an issue with:
- A high-level description (no secrets)
- Steps to reproduce
- Impact assessment
Only the latest main branch is supported.