Please do not report security vulnerabilities through public GitHub issues.

Instead, use one of the following:

1. GitHub Security Advisories (preferred, if enabled for this repository).
2. Email: geyunfei@gmail.com

When reporting, include:

• A clear description of the vulnerability and impact
• Steps to reproduce (proof-of-concept if possible)
• Affected versions / commit SHA (if known)
• Any suggested fix or mitigation (optional)

We aim to respond within 72 hours for initial triage and will keep you updated as we investigate.

This project is deployed from the main branch. Security fixes are applied to the latest production deployment; older deployments are not guaranteed to be patched.