If you discover a security vulnerability in ansible.windows, please report it responsibly.

Do NOT open a public GitHub issue for security vulnerabilities.

Instead, please send an email to sfulmer@redhat.com with:

• A description of the vulnerability
• Steps to reproduce the issue
• Potential impact
• Suggested fix (if any)

You should receive a response within 48 hours. We will work with you to understand and address the issue before any public disclosure.

When contributing to this project:

• Never commit credentials, API keys, or tokens
• Use environment variables or vault for sensitive data
• Keep dependencies up to date
• Follow the principle of least privilege in all automation