While the Governance game is primarily a card game, the way we build the artifacts include some scripts and for these we have adopted a simple security policy.
If you discover security issues in the scripts for the Governance game, we request you to disclose these responsibly by sending an email to security@publiccode.net.
If possible, please provide a reproducible test or clear steps on how to reproduce the vulnerability, this will help address the issue quicker.
Please, do not report security related issues on the public GitHub issue tracker, as it can make others more vulnerable to the issue.
Staff at the Foundation for Public Code will acknowledge your email as soon as possible, within one week, but very likely sooner. Once notified, staff aim to ensure any security issues are resolved as soon as possible. Depending on the issue, staff may require follow up with you for more details. Staff welcomes collaboration from the community member(s) who find an issue on resolving the issue, and verifying the fix.