Security: cmangun/fde-deployment-patterns

Security Policy

Supported Versions

Version Supported
0.1.x

Reporting a Vulnerability

If you discover a security vulnerability, please report it by emailing cmangun@gmail.com with:

  1. Description of the vulnerability
  2. Steps to reproduce
  3. Potential impact assessment
  4. Any suggested fixes (optional)

Response Timeline

  • Initial Response: Within 48 hours
  • Status Update: Within 7 days
  • Resolution Target: Within 30 days for critical issues

Disclosure Policy

We follow responsible disclosure practices:

  1. Reporter notifies maintainer privately
  2. Maintainer acknowledges and investigates
  3. Fix is developed and tested
  4. Coordinated public disclosure after fix is available

Scope

This policy applies to:

  • All code in this repository
  • Configuration files and templates
  • Documentation that could expose security-sensitive information

Out of Scope

  • Vulnerabilities in dependencies (report to upstream maintainers)
  • Issues in example/demo configurations not intended for production use

There aren’t any published security advisories