Thank you for taking the time to help improve the security of this project. We value the effort of security researchers and community members in making this project safe and trustworthy for everyone.

If you discover a security issue or potential vulnerability, please report it privately and responsibly so we can investigate and fix it.

You can report vulnerabilities through one of the following methods:

• Email: @gmail.com
• GitHub Issue: Create an issue and tag it with security (only if the vulnerability is not sensitive or exploitable)

Do not disclose security issues publicly until we have verified and addressed them.

This policy applies to:

• The source code and configuration files in this repository
• Any deployed services or environments managed by the project (if applicable)
• Third-party integrations directly used in the project

Outside of Scope:

• Vulnerabilities in third-party tools or platforms not maintained by this project

We aim to acknowledge all reports within 3–5 business days.

Once validated:

• We will investigate and prioritize the issue
• We will work on a fix and notify you when it is resolved
• If necessary, we may collaborate with you for further testing

To make the process safe and respectful for everyone, we ask that you:

• Avoid sharing or leaking the issue to others before it’s resolved
• Provide a detailed report with reproduction steps or proof of concept (PoC)
• Avoid accessing, modifying, or deleting user data
• Give us a reasonable amount of time to fix the issue before public disclosure

We sincerely appreciate your contribution to the security of this project. Your efforts help us build a better and more trustworthy open-source ecosystem.

Thank you!