Ada is currently in public alpha. Security fixes will be prioritized on the latest alpha release line.

Please do not open public GitHub issues for suspected security vulnerabilities.

Instead, report privately to the maintainers with:

• a description of the issue
• impact assessment
• reproduction steps
• any proof-of-concept details that help validate the report

Until a dedicated security email is established, coordinate through a private maintainer contact channel associated with the repository owner.

Because Ada currently operates as a local Git sidecar, local filesystem safety, unsafe shell invocation, malformed repository handling, and release artifact integrity are especially important security areas.