If you discover a security issue in ARC-Core, please avoid opening a public exploit issue first.

Send a responsible disclosure with:

• affected area
• reproduction steps
• impact
• suggested mitigation if known

Until a private contact address is formalized, use GitHub security reporting when available.