If you discover a security vulnerability, please report it responsibly:

1. DO NOT open a public GitHub issue
2. Email the maintainer or use GitHub's private vulnerability reporting
3. Include a description of the vulnerability and steps to reproduce

• Critical vulnerabilities: 24-48 hours
• Non-critical: 7 days

Thank you for helping keep this project safe!