If you discover a security vulnerability, please report it by opening a confidential issue or emailing the maintainer. Do not disclose security issues publicly until they have been reviewed and patched.

• Provide a detailed description of the issue
• Include steps to reproduce if possible
• Suggest a possible fix if you have one

• No hardcoded secrets or credentials in scripts
• Use environment variables for sensitive data
• Validate all user input
• Prefer least-privilege permissions for automation

Thank you for helping keep this project secure!