Please do not file a public issue for security reports.

Preferred:

• Use GitHub Security Advisories (private report), if enabled for this repo.

Fallback:

• Email: security@clawtown.io

• A clear description of the issue and potential impact
• Reproduction steps (or a minimal PoC)
• Any suggested fix/mitigation

We’ll acknowledge receipt and aim to provide an initial response within 72 hours.