This project is currently in early development. Security fixes are applied to the latest main branch.

Please do not report security vulnerabilities in public issues.

Use GitHub Security Advisories to report privately:

• Repository: Security tab
• Action: Report a vulnerability

If you cannot use advisories, contact the maintainer privately at @realmorrisliu.

Please include as much of the following as possible:

• Affected component(s)
• Reproduction steps or proof of concept
• Impact assessment
• Suggested remediation (if known)

• Initial acknowledgment target: within 72 hours
• Triage and remediation timeline depends on severity and exploitability