Please email security@f8.example (Phase 8 — placeholder) with:

• A description of the vulnerability.
• Steps to reproduce or a proof of concept.
• The affected version(s).

We respond within 72 hours and aim to ship a patch release within 14 days.

Do not open a public issue for security disclosures.