Do not report sensitive security concerns through public issues.

For this early-stage project, open a private channel with the maintainer before sharing exploit details publicly.

• CLI file generation behavior
• Package publishing workflow
• Repository automation
• Documentation that could encourage unsafe operations