If you discover a security vulnerability in @omnifolio/nextjs-security-headers, please report it responsibly:

1. DO NOT open a public issue
2. Email security@omnifolio.app with details
3. Include steps to reproduce if possible

We will acknowledge receipt within 48 hours and provide a fix timeline within 5 business days.