---
name: Security Vulnerability
about: Report a security vulnerability (USE PRIVATE REPORTING INSTEAD)
title: '[SECURITY] '
labels: 'security'
assignees: ''
---
## ⚠️ STOP - Read This First
**DO NOT use this public issue template for actual security vulnerabilities!**
For security issues, please use one of these private channels:
1. **GitHub Security Advisories** (Recommended):
- Go to the [Security tab](https://github.com/hummbl-dev/mcp-server/security)
- Click "Report a vulnerability"
- This creates a private draft security advisory
2. **Email**: security@hummbl.io
---
## For Non-Critical Security Improvements
If this is a **suggestion for security hardening** (not an actual vulnerability), you may continue:
### Security Improvement Description
Describe the security enhancement or hardening measure you're suggesting.
### Risk Level
- [ ] Low - Best practice improvement
- [ ] Medium - Defense in depth measure
- [ ] High - Addresses a theoretical vulnerability
### Current Behavior
How does the system currently work?
### Proposed Improvement
What security enhancement do you propose?
### Implementation Suggestions
How could this be implemented?
### References
<!-- Link to relevant security guidelines, best practices, or standards -->
- [OWASP guideline](...)
- [Security standard](...)
## Checklist
- [ ] This is NOT an actual vulnerability (or I've reported it privately)
- [ ] This is a security enhancement suggestion
- [ ] I have not disclosed any sensitive information
