Please do NOT report security vulnerabilities through public GitHub issues.

Instead, please report them via email to the maintainer. You can find contact information on the GitHub profile.

• Description of the vulnerability
• Steps to reproduce
• Potential impact
• Suggested fix (if any)

• Acknowledgment within 48 hours
• Status update within 7 days
• We will work with you to understand and address the issue
• Public disclosure after the fix is released

• We follow coordinated disclosure practices
• We will credit reporters (unless they prefer anonymity)
• Fixes will be released as patch versions