• Supported Node.js versions: 20+ (per engines in package.json)
• Please report vulnerabilities privately via the contact page
• Do not file public issues for security reports.

We’ll acknowledge receipt within 72 hours and aim to provide a fix or mitigation plan promptly.