If you discover a security issue, please open a private security report in the repository host or contact maintainers directly.

Include:

• affected version
• reproduction steps
• impact assessment
• suggested remediation (if available)