Only the latest minor release of ShardPass is supported.

Email hello@networkshard.com with the subject line [ShardPass] vulnerability.

You will receive an acknowledgement within 72 hours. Please don't open a public issue or pull request for security bugs until we've coordinated a fix and a release.

If a fix is straightforward we aim to ship within 14 days of acknowledgement. Larger issues may take longer; we'll keep you updated.

Some Shard projects (ShardFlow, ShardC2, ShardShell) are offensive security tools. They are intended for use against systems you own or have explicit written permission to test.

Unauthorized access to computer systems is illegal in most jurisdictions. The authors accept no liability for misuse. "I was testing my own network" is not a legal defense, and neither is this file.