If you believe you have found a security vulnerability:

• Prefer using GitHub Security Advisories ("Report a vulnerability") if this repository is published on GitHub.
• If that is not available, open a GitHub issue without sensitive details and ask for a private contact channel.

Please include:

• A clear description of the issue and potential impact
• Steps to reproduce
• Any relevant logs with secrets removed

Only the latest version on the default branch is supported.