If you discover a security vulnerability, please open a private security advisory on GitHub or email isxiongzj@gmail.com before public disclosure.

Please include:

• Description of the issue
• Steps to reproduce
• Potential impact
• Suggested fix (if known)

We aim to acknowledge security reports within 48 hours and provide updates on progress regularly.