Security Reporting If you find a security issue, report it privately to yoking@outlook.com instead of opening a public issue. Scope Do not commit secrets. Do not expose runtime data. Treat environment files and storage directories as sensitive.