If you discover a security vulnerability, please report it responsibly:

1. Do not open a public issue
2. Email security concerns to the maintainer
3. Include steps to reproduce the vulnerability
4. Allow reasonable time for a fix before disclosure

Security patches are released as soon as possible after verification.