If you discover a security vulnerability, please report it responsibly:

1. Do not open a public issue
2. Email the maintainer directly or use GitHub's private vulnerability reporting
3. Include a description of the vulnerability and steps to reproduce

We will acknowledge your report within 48 hours and work on a fix promptly.