# Security Policy

## Supported Versions

We actively patch only the most recent minor release of Roo Code. Older versions receive fixes at our discretion.

## Reporting a Vulnerability

Email security@roocode.com with:

- A short summary of the issue
- Steps to reproduce or a proof of concept
- Any logs, stack traces, or screenshots that might help us understand the problem

We acknowledge reports within 48 hours and aim to release a fix or mitigation within 30 days. While we work on a resolution, please keep the details private.

Thank you for helping us keep Roo Code users safe.