Security guidance and policy are maintained at:
Please report vulnerabilities privately to the maintainer. Do not open public issues for sensitive security reports.
This file is a repository-level pointer. For assumptions, responsibilities, and operational controls, use the canonical page above.