# CUVETSMO Security Policy
# RFC 9116 · https://securitytxt.org
#
# If you find a security vulnerability in cuvetsmo.com, please report it
# privately via the channels below rather than disclosing publicly.

# Primary contact · official email (CF Email Routing live 2026-05-18)
Contact: mailto:security@cuvetsmo.com

# Backup · Instagram DM (fastest informal response)
Contact: https://www.instagram.com/cuvetsmo/

# Backup · GitHub Security Advisory (private, technical reporters)
Contact: https://github.com/palmzamak2547/WebCUVETSMO/security/advisories/new

# Expires every 12 months · refresh annually
Expires: 2027-05-18T00:00:00.000Z

# Preferred language for reports
Preferred-Languages: th, en

# Canonical location of this policy
Canonical: https://cuvetsmo.com/.well-known/security.txt

# Public-facing security model + threat doc
Policy: https://github.com/palmzamak2547/WebCUVETSMO/blob/main/SECURITY.md

# Acknowledgments · we credit reporters who help us
Acknowledgments: https://github.com/palmzamak2547/WebCUVETSMO/blob/main/SECURITY.md#acknowledgments

# This is an unfunded student-council project · no bug bounty cash · but
# we credit reporters publicly + answer fast. Please don't social-engineer
# or DoS the site to "prove" issues.