From 77eeaf89bdc45fb86995e3978d15fa4cb4f2a968 Mon Sep 17 00:00:00 2001
From: Chris Wolfgang <210299580+Chris-Wolfgang@users.noreply.github.com>
Date: Sat, 28 Mar 2026 22:14:41 -0400
Subject: [PATCH] Update SECURITY.md to match template

- Remove "student data" reference
- Add 48-hour response timeline
- Fix numbered list formatting

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 SECURITY.md | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/SECURITY.md b/SECURITY.md
index fdd99e9..e2bfe41 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -4,19 +4,20 @@
 
 If you discover a security vulnerability, please follow these steps:
 
-1. **Do not** create an issue on this repository, **Do not** disclose the vulnerability publicly
-1. In the top navigation of this repository, click the **Security** tab.
-1. In the top right, click the **Report a vulnerability** button.
-1. Fill out the provided form. It will request information like:
+1. **Do not** create a public issue on this repository.
+2. In the top navigation of this repository, click the **Security** tab.
+3. In the top right, click the **Report a vulnerability** button.
+4. Fill out the provided form with:
    - A description of the vulnerability
    - Steps to reproduce the issue
-   - Potential impact on student data or website functionality
+   - Potential impact
    - Suggested fix (if you have one)
 
 ## Response Timeline
-TBD/ASAP
+
+We will acknowledge your report within 48 hours and provide an estimated timeline for a fix.
 
 ## Thank You
 
 Your help is greatly appreciated!
-Responsible disclosure of security vulnerabilities helps protect our entire community
+Responsible disclosure of security vulnerabilities helps protect our entire community.