If you discover a security vulnerability in this project, please report it by opening an issue or contacting the maintainers directly. Do not include sensitive details in a public issue; provide enough information for the maintainers to reproduce the problem and follow up with a private disclosure if necessary.

Suggested steps for maintainers:

• Triage the report and confirm the vulnerability.
• Create a private fork/branch for reproducing and fixing the issue.
• Coordinate disclosure timeline with the reporter.
• Release a patched version and update the repository with a public advisory.

No sensitive data or secrets should be committed to this repository. Use environment variables or user secrets for anything sensitive required at runtime.