Please do not open a public GitHub issue for security vulnerabilities.

Instead, email: security@lourdhu02.dev (or open a private security advisory).

Include:

• A description of the vulnerability
• Steps to reproduce
• Potential impact
• Any suggested mitigations

You will receive a response within 72 hours. We aim to release a patch within 14 days of confirmation.