To report a security vulnerability within Harmonix or one of its official packages, please report it privately using the GitHub Security Advisories page (see documentation).

To ensure your Harmonix-based bots remain secure:

• Always keep dependencies up to date (pnpm update or npm update).
• Regularly review your Discord bot's permissions and environment variables.
• Never expose any tokens or other secrets in your code or version control.