If you discover a security issue in this repository, please do not open a public issue.
Instead, report it privately via GitHub Private Vulnerability Reporting if enabled, or contact the repository maintainer privately.
Include:
- a clear description of the issue,
- reproduction steps,
- affected files/paths,
- potential impact.
The maintainers will acknowledge receipt, triage, and coordinate a fix before public disclosure.
If you find an exposed secret, credential, private material, or accidental personal data exposure:
- revoke/rotate it immediately if you control it,
- report the exposure privately to maintainers,
- include where it appears and any known access scope,
- avoid reposting the secret in issues, PRs, or logs.
This policy applies only to this repository and its contents.