Report security issues, accidental personal-data exposure, broken access controls, exposed credentials, or unsafe evidence publication privately to the site maintainer.

Do not publish exploit details, private identifiers, unredacted personal records, account credentials, private addresses, bank details, biometric identifiers or protected correspondence in public issues.

The maintainer should preserve original evidence privately where required, publish only redacted public copies where appropriate, and document material corrections with dates.