If you discover a security vulnerability, please do not disclose it publicly. Instead, report it privately to us at [your security email].

• Security vulnerabilities or potential exploits.
• Performance issues that could lead to abuse.
• Unexpected behavior that may pose a security risk.

We will:

1. Acknowledge receipt within 48 hours.
2. Investigate and assess the issue.
3. Provide a timeline for a fix if necessary.
4. Credit reporters if they wish (unless anonymity is requested).

Thank you for helping us keep the project secure!