If you believe you have found a security vulnerability, please open a private security advisory or email the maintainers. Do not file a public issue with exploit details.
Include:
- A clear description of the issue
- Steps to reproduce
- Impact assessment
- Suggested remediation (if available)
We will acknowledge receipt and aim to provide a fix timeline.