Security Policy

Reporting a Vulnerability

Please do not open public GitHub issues for security reports.

Email: kazuhiroh+karad@gmail.com

Include as much information as possible:

• A description of the vulnerability and impact
• Reproduction steps or a proof-of-concept
• Affected versions / commit SHA
• Any suggested remediation

Response expectations

• We will acknowledge receipt within 7 days.
• We will provide a status update as the report is triaged.
• If a fix is accepted, we will coordinate disclosure timing with you.

Supported versions

This repository does not currently publish versioned releases. Security fixes are applied to the default branch.