Please do not open a public GitHub issue for security vulnerabilities.

Email security@yourproject.com with:

• A description of the vulnerability
• Steps to reproduce
• Potential impact

You'll receive a response within 72 hours. We'll coordinate a fix and disclose publicly after a patch is released.