If you believe you have found a security vulnerability in Sigil, please report it privately before opening a public issue.

Use one of these options:

• Open a private security advisory on GitHub, if available.
• Contact the maintainer through the contact method listed on the maintainer's GitHub profile.

Please include:

• A clear description of the issue.
• Steps to reproduce the behavior.
• Affected versions, platforms, and configurations.
• Any known impact or workaround.

This is a personal open-source project maintained on a best-effort basis. The maintainer does not provide a guaranteed response time, remediation time, SLA, or support obligation.

Security fixes may be released when practical, but all use of this software is at your own risk and subject to the Apache License 2.0.