If you discover a security issue, please do not open a public issue.

• Report privately to the maintainer:
• Include steps to reproduce and potential impact.
• We will acknowledge receipt within 48 hours and provide updates as triage progresses.

Do not commit secrets. Prefer Kubernetes Secrets or Azure Key Vault via Secret Store CSI.