Security Policy Reporting a Vulnerability Please report sensitive security issues via Spotify's bug-bounty program by following this instruction, rather than GitHub.