If docs-drift produces output that could expose sensitive repository paths, secrets, or private documentation content, report it privately before opening a public issue.

Until a dedicated security contact is configured, open a minimal issue that states a private disclosure is needed and do not include exploit details.