This project is currently in active development. Security fixes are applied to the latest main branch first.

Please report vulnerabilities privately.

1. Contact repository owner @kanweiwei directly on the hosting platform (private message).
2. Use title: [CreatorWeave Security] <short title>
3. Include:
   • Vulnerability type and impact
   • Reproduction steps or PoC
   • Affected components/paths
   • Suggested remediation (optional)

Please do not open public issues for unpatched vulnerabilities.

1. Initial response: within 3 business days
2. Triage decision: within 7 business days
3. Fix timeline: depends on severity and complexity

After a fix is released, maintainers may publish a brief advisory with mitigation guidance.