We take the security of SteadyCron seriously. Reliability and data protection are core to what we sell, and we appreciate reports that help us keep the platform safe.

Please report security issues privately to security@steadycron.com. Do not open a public issue or pull request for security problems.

Include where you can: a description of the issue, the affected component (hosted platform, CLI, or GitHub Action), reproduction steps, and the impact you believe it has.

• We aim to acknowledge your report within 2 business days.
• We will keep you informed as we investigate and work toward a fix.
• We ask that you give us a reasonable opportunity to resolve the issue before any public disclosure, and that you avoid accessing or modifying data that isn't yours while testing.

The hosted service at steadycron.com always runs the latest version. For the CLI and GitHub Action, the most recently published release is supported.

We do not currently run a paid bug bounty, but we credit reporters who responsibly disclose valid issues, if you'd like.