# Security Policy

## Reporting a vulnerability

Please report suspected vulnerabilities privately through GitHub
Security Advisories or your organization's private security channel.

Do not open public issues for security-sensitive reports.

## Response goals

- Acknowledge receipt quickly.
- Validate impact and scope.
- Prepare a remediation plan and coordinated disclosure path.