If you discover a security vulnerability, please report it privately by opening a draft security advisory on GitHub:

1. Go to https://github.com/LoneTraderRishi/onclock/security/advisories
2. Click "New draft security advisory"
3. Fill in the details

Please do not report security vulnerabilities through public GitHub issues.

We'll respond within 48 hours and work on a fix before any public disclosure.