> ## Documentation Index
> Fetch the complete documentation index at: https://getoverlay.io/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Security Reporting

> How to handle vulnerabilities and security-sensitive docs updates.

Report vulnerabilities through the repository security policy in `SECURITY.md`.

Do not publish:

* Private audit notes.
* Exploit details before remediation.
* Customer data.
* Real secrets, tokens, webhook signatures, or provider keys.

Public security docs should explain supported configuration and safe operational behavior without exposing active vulnerabilities or private incident details.
