# Security disclosure policy for rmfullstackaiengineer.dev
# https://datatracker.ietf.org/doc/html/rfc9116

Contact: mailto:security@rmfullstackaiengineer.dev
Expires: 2027-05-27T00:00:00Z
Preferred-Languages: en
Canonical: https://rmfullstackaiengineer.dev/.well-known/security.txt
Policy: https://rmfullstackaiengineer.dev/terms#security-disclosure

# We accept responsible disclosure of security vulnerabilities.
# Please do not run automated scans against production. Open scope:
#   *.rmfullstackaiengineer.dev
# Out of scope: third-party services we rely on (Cloudflare, Stripe, Anthropic, Resend).
# We will respond within 5 business days and credit responsible disclosers.