Please report suspected vulnerabilities privately to security@shipable.dev.

Do not open public issues for vulnerabilities, leaked credentials, or exploit details. Include affected versions, reproduction steps, impact, and any relevant logs or proof of concept material.