If you discover a security vulnerability within Orbit, please send an email to [[email protected]]. All security vulnerabilities will be promptly addressed.

Please do not publicly disclose the issue until it has been addressed by the team.

1. Email your findings to [[email protected]]
2. You will receive a response within 48 hours
3. We will investigate and keep you updated on our findings
4. Once the issue is confirmed and fixed, we will notify you
5. We will publicly disclose the issue (if applicable)

When using Orbit:

1. Keep your bot token secure and never commit it to version control
2. Regularly rotate your bot token
3. Use environment variables for sensitive information
4. Implement proper permission checks in your commands
5. Regularly update dependencies to patch security vulnerabilities