Security: OWASP/www-project-vulnerable-web-applications-directory

SECURITY.md

Security Policy

Supported Versions

We will provide security updates for the current release version of this project. Anything else will not receive security updates.

Version          Supported
master
Anything else    ❌ (Unsupported)

Reporting a Vulnerability

If you discover a security vulnerability, do not open a public issue. Instead, follow these steps:

  1. Open a private/draft security advisory on GitHub.
  2. Provide a detailed description of the vulnerability, including:
    • Steps to reproduce
    • Potential impact
    • Suggested fixes (if any)
  3. We will acknowledge your report as quickly as possible and provide a timeline for a fix.
  4. Once the vulnerability is fixed, we may publicly disclose it (with credit to you, if desired).

Security Best Practices for Contributors

  • Avoid using user-controlled input directly in shell commands or workflows.
  • Follow the OWASP Cheat Sheet Series for secure coding practices.
  • Report any suspicious activity or potential vulnerabilities immediately.

Recognition

Security researchers and contributors who responsibly disclose vulnerabilities will be publicly acknowledged in our release notes (unless anonymity is requested).
