If you discover a security vulnerability, please report it responsibly:

1. Do not open a public issue.
2. Email the maintainer directly or use GitHub's private vulnerability reporting feature.
3. Include a description of the vulnerability and steps to reproduce it.

We will acknowledge receipt within 48 hours and aim to provide a fix or mitigation within 7 days for critical issues.