HTTPS
Public environments should use HTTPS to protect network exchanges. Final configuration must be validated at deployment time.
Authentication
The product uses authentication mechanisms such as JWT/auth and may rely on Clerk identifiers. Secrets, tokens and passwords must never be shared by email.
Payments
Premium flows may rely on payment or store providers. Do not send card data to support.
Vulnerability reporting
To report a vulnerability, contact support with a clear description, reproduction steps and estimated impact, without further exploiting the issue.
Limits
BlitzForge does not promise zero vulnerabilities. Security measures must be maintained, tested and reviewed regularly.