If you discover a security vulnerability, please report it responsibly:

1. Do not open a public issue.
2. Email the security details to the project maintainers.
3. Include steps to reproduce the vulnerability.
4. Allow reasonable time for a fix before public disclosure.

We will acknowledge receipt within 48 hours and provide a timeline for resolution.