Please do not open a public issue for security vulnerabilities.

Open a GitHub security advisory or contact the maintainer privately with:

• affected version
• steps to reproduce
• impact assessment
• mitigation ideas, if available

• Inference runs locally on-device.
• Network access is used for model downloads and CI/release operations only.
• main remains focused on stable SD 1.5/QNN production work; research tracks stay isolated.
• Dependency and workflow hygiene are treated as part of release quality.