Please add your own security policy instead of Google Bug Bounty

[0dd]

What happened?

Currently the security policy of QWEN CLI is still using Google report portal.

https://github.com/QwenLM/qwen-code/security/policy
Redirecting to g.co/vuln
I understand this project is a fork based on Gemini-CLI. - But Please take your own security responsibility

What did you expect to happen?

See Qwen or Alibaba Security Vulnerabilities report portal or Bug Bounty Portal

Client information

any version, the GitHub link it self is not correct

Login information

No response

Anything else we need to know?

No response

[pomelo-nwu]

Thank you for reporting this important issue.You're absolutely right! this appears to be an oversight from the original fork.
I just opened a PR to fix this：#390

[FailButWin]

@pomelo-nwu where do i report security issues, the provided link in the security advisory is an old deprecated link and when I go to the new one: Vulnerability Platform: https://yundun.console.aliyun.com/?p=xznew , the main platform for you to register for projects, submit vulnerabilities. I cant find anything for qwen-code, the only thing related to qwen is the website. Can you help me understand where to report security issues?