If the security issue is a general weakness or poor practice that is not directly exploitable, please open a Issue on GitHub and add the security label.

If the security issue is a vulnerability that can potentially be exploited or has a exploit developed/proven, please email ghostofgoes(at)gmail.com. Please include in the email a description of the vulnerability, any proof of concept code/exploit code, and any other information that you believe may be relevant. PGP signed message is preferred but not required.