If you discover a security vulnerability, please report it responsibly:

1. Do not open a public issue
2. Email the maintainer at security@devtheops.com
3. Include:
   • Description of the vulnerability
   • Steps to reproduce
   • Potential impact
   • Suggested fix, if any

• Acknowledgment within 48 hours
• Initial assessment within 7 days
• Status updates at least every 14 days until resolved
• Public disclosure only after a fix is released