From dd26eb39b04db5bd282509787d2b8fbff11ba694 Mon Sep 17 00:00:00 2001
From: Kynan Ware <47394200+BagToad@users.noreply.github.com>
Date: Wed, 24 Jun 2026 10:16:22 -0600
Subject: [PATCH] Add security disclosure guidance to AGENTS.md (#13720)

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---
 AGENTS.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/AGENTS.md b/AGENTS.md
index a9e3ab10951..c3ae763cb60 100644
--- a/AGENTS.md
+++ b/AGENTS.md
@@ -2,6 +2,10 @@
 
 This is the GitHub CLI (`gh`), a command-line tool for interacting with GitHub. The module path is `github.com/cli/cli/v2`.
 
+## Security Disclosures
+
+**Never** post security-related content - vulnerabilities, exploits, proofs of concept, or attack details - in any issue, pull request, comment, commit, or discussion. Stop and file a security advisory per [`.github/SECURITY.md`](.github/SECURITY.md).
+
 ## Build, Test, and Lint
 
 ```bash