If you discover a security issue, please do not post exploit details publicly in a GitHub issue.

Instead, contact the maintainer privately and include:

• a summary of the issue
• affected versions
• steps to reproduce
• suggested remediation if known

Please allow reasonable time for a fix before public disclosure.