Thank you for helping keep pgr and the Entire ecosystem safe.

Please do not report security vulnerabilities through public GitHub issues, pull requests, or discussions.

Instead, report them privately to the Entire team at [email protected] and include:

• the affected repository: entireio/pgr
• a description of the issue
• reproduction steps or a proof of concept, if available
• the potential impact
• any suggested mitigation, if you have one

If possible, use a subject line that clearly indicates the report is security-related.

We will review reports as quickly as we can and work with you to understand impact, reproduction, and remediation.

Please give us a reasonable amount of time to investigate and address the issue before disclosing it publicly.

This policy covers security issues in:

• the pgr Rust MCP server
• the repository’s published tooling and benchmark harness

It does not cover general feature requests, documentation bugs, or support questions. Those should go through the normal GitHub issue workflow.