Do not report security vulnerabilities through public GitHub issues.

Use GitHub's private vulnerability reporting flow for this repository when it is available:

1. Open the repository on GitHub.
2. Go to the Security tab.
3. Open Report a vulnerability.
4. Provide reproduction details, impact, and any suggested remediation.

If private vulnerability reporting is not enabled yet, contact the maintainers privately through GitHub before disclosing any details publicly.

Please include:

• affected package and version
• reproduction steps or a proof of concept
• impact assessment
• any known mitigations or patches

The maintainers will acknowledge the report, investigate, and coordinate a fix and disclosure timeline.