The main branch is supported and receives security updates.

Please report vulnerabilities privately using one of the following:

1. GitHub Security Advisory: https://github.com/kpeacocke/piclaw/security/advisories/new
2. Direct maintainer contact via repository profile if advisory submission is not possible.

Do not open public issues for unpatched vulnerabilities.

1. Acknowledge receipt within 3 business days.
2. Confirm impact and remediation plan.
3. Publish a fix and coordinated disclosure when ready.