If you discover a security vulnerability in TesterPayKit (SDK, CLI, or service), please report it privately — do not open a public issue.
Please include steps to reproduce and the affected package + version. We'll acknowledge your report and keep you posted on the fix.