If you discover a security vulnerability in this project, please report it responsibly.

Do not open a public issue.

Instead, please use GitHub's private vulnerability reporting to submit your report. This ensures the issue can be assessed and addressed before public disclosure.

You should expect an initial response within 72 hours. I'll work with you to understand the issue and coordinate a fix and disclosure timeline.

This policy applies to the latest release on the main branch.