If you discover a security vulnerability, please report it responsibly.

Do NOT open a public issue.

Instead, please send an email to [INSERT EMAIL ADDRESS] with the following details:

• Description of the vulnerability
• Steps to reproduce the issue
• Potential impact
• Suggested fix (if any)

• Acknowledgement: Within 48 hours
• Initial assessment: Within 1 week
• Fix and disclosure: Depending on severity, typically within 30 days

• We will work with you to understand and address the issue
• We will credit you in the security advisory (unless you prefer to remain anonymous)
• We ask that you give us reasonable time to address the issue before public disclosure

Thank you for helping to keep this project and its users safe!