Copperline Labs takes the security of its products seriously. Thank you for helping keep Rendex and our users safe.

Please do not open a public issue for security vulnerabilities.

Report it privately to support@rendex.dev with:

• a description of the issue and its potential impact,
• steps to reproduce (proof-of-concept if available), and
• any affected endpoints, versions, or integrations.

You can also use GitHub's private vulnerability reporting on the relevant repository.

• We aim to acknowledge reports within 2 business days.
• We'll keep you updated on remediation progress.
• Please give us a reasonable window to fix the issue before any public disclosure.

This policy covers the Rendex API (api.rendex.dev), the dashboard and website (rendex.dev), and the official open-source integrations (rendex-mcp, rendex-n8n, rendex-zapier).