# Ennote Security - Vulnerability Disclosure
# We are committed to working with security researchers to verify and address any potential vulnerabilities.

Contact: mailto:security@ennote.io
Expires: 2026-12-31T23:59:59z
Encryption: https://ennote.io/.well-known/pgp-key.txt
Policy: https://ennote.io/security
Preferred-Languages: en
Canonical: https://ennote.io/.well-known/security.txt

# Safe Harbor
# We support safe harbor for security researchers who act in good faith.
# If you conduct vulnerability research according to our policy, we will consider
# this research to be authorized and will not recommend or pursue legal action against you.
#
# Rules of Engagement:
# - Do not access or modify data that does not belong to you.
# - Use your own test accounts.
# - Do not perform DDoS or social engineering attacks.