At Spirit Solutions, we take security seriously. We welcome and appreciate responsible disclosure of any security vulnerabilities you may find in our "secure-web" npm package.

To report a security vulnerability, please email us directly at spiritsolutions.connect@gmail.com. We will acknowledge receipt of your vulnerability report and work to address any issues promptly.

When reporting vulnerabilities, please provide the following information:

• Description of the vulnerability.
• Steps to reproduce the vulnerability.
• Potential impact of the vulnerability.
• Your name and contact information (optional).

We strive to respond to security vulnerability reports in a timely manner. Our typical response timeline is as follows:

• Acknowledgement: We will acknowledge receipt of your report within 48 hours.
• Investigation: Our team will investigate the reported vulnerability to verify its legitimacy and impact.
• Resolution: Once validated, we will work to address the vulnerability and provide updates on our progress.
• Public Disclosure: We will coordinate with you to publicly disclose the vulnerability once it has been resolved, ensuring responsible disclosure practices are followed.

This security policy applies to all aspects of the "secure-web" npm package developed and maintained by Spirit Solutions, including the codebase, documentation, and associated assets.

We appreciate your help in keeping "secure-web" secure. If you have any questions or concerns about our security policy or practices, please don't hesitate to contact us at spiritsolutions.connect@gmail.com.