If you discover a security vulnerability, please:

1. Do NOT open a public issue
2. Email the maintainers directly (see profile)
3. Include details about the vulnerability
4. Allow time for a fix before public disclosure

We take security seriously and will respond promptly.