Security Policy Never commit credentials. Use environment variables or a secret manager. Report vulnerabilities privately to support@globular.io. Dependencys are scanned on CI with govulncheck and gosec.