Please do not open public issues for security vulnerabilities.

Use GitHub's private vulnerability reporting for this repository:

• Repository Security tab
• Report a vulnerability

If private reporting is not available, contact the maintainers directly with:

• A clear description of the issue
• Impact assessment
• Reproduction steps or proof of concept

• Initial acknowledgement: within 7 days
• Status updates: as findings are confirmed
• Fix and coordinated disclosure timing: case-by-case based on severity