Security review applies to source code, examples, documentation, and contribution workflows in this repository.

Do not open public issues for active vulnerabilities, exposed credentials, private network identifiers, or sensitive deployment details. Contact maintainers through a private channel when available and include:

• A short summary of the concern.
• Steps to reproduce safely.
• Affected files, examples, or documentation.
• Any known impact on privacy, availability, integrity, or community safety.

Maintainers should acknowledge reports promptly, assess severity, coordinate fixes, and publish public notes only after sensitive details are safe to disclose.

• Never commit real passwords, API keys, private keys, or private network credentials.
• Use synthetic data in tests and examples.
• Avoid publishing exact sensitive infrastructure locations.
• Document security assumptions and limitations near the affected technical material.