Please report security vulnerabilities privately to security@smscode.gg. Do not open a public issue for a security report.
Include a description, reproduction steps, and the affected version. We aim to acknowledge within a few business days and will coordinate a fix and a disclosure timeline with you.
The latest published @smscode/sdk release receives security fixes.