Thank you for helping keep this project and its users safe.

Please report vulnerabilities privately. Do not open a public issue.

• Preferred: Open a private GitHub Security Advisory for this repository.
• Alternative: Email the maintainers at [longreader@brzv.sk] with details and a way to reproduce.

What to include:

• Affected component(s) and version/commit if known
• Reproduction steps, proof-of-concept, or crash logs
• Impact assessment (what can an attacker do?)
• Your suggested remediation, if any

We will acknowledge receipt within 5 business days and provide an initial assessment within 10 business days. We strive to fix critical issues quickly and will coordinate disclosure with you. If you prefer attribution upon disclosure, please let us know.

We consider activities consistent with this policy to be authorized in good faith research. Please avoid privacy violations, data destruction, service disruption, and exfiltration of more data than necessary to demonstrate an issue.

If you require encrypted communication, please share your PGP key or request one from the maintainers.