If you find a security vulnerability in the Cirrus CI platform (the backend, web interface, etc.), please follow the steps below.

1. Do NOT comment about the vulnerability publicly.

2. Please email [email protected] with the following format:

   Subject: Platform Security Risk
   
   HOW TO EXPLOIT
   
   Give exact details so our team can replicate it.
   
   OTHER INFORMATION
   
   If anything else needs to be said, put it here.
   

3. Please be patient. You will get an email back soon.

Thank you! 🙌