This project is a learning-oriented open-source initiative and not intended for production use. As such, we do not maintain formal version support. However, we welcome responsible disclosure of security vulnerabilities that may be relevant for educational purposes or code correctness.

If you discover a security issue or potential vulnerability in this repository, please help us improve the project by reporting it responsibly.

• Preferred Method: Please email the maintainer directly with:

  • A detailed description of the issue
  • Steps to reproduce the vulnerability
  • Your proposed fix (if any)

• Alternative: Open an issue with the confidential label (GitHub doesn't support private issues yet, so this should be minimal and generic until email contact is established).

⏳ We aim to respond within 7 days and, if necessary, will coordinate a patch or fix in a timely manner.

Please avoid:

• Publicly disclosing the vulnerability before we’ve had a chance to investigate.
• Using exploits for malicious purposes.

We appreciate your help in making this educational project more robust and secure for learners.

This security policy applies to:

• The source code in this repository
• Any scripts, configurations, or helper files that could pose risks if misused

Note: This project does not interact with external systems or run as a service; therefore, many typical attack vectors (e.g., injection, auth bypass) may not apply.

🙏 Thank you for contributing to open-source education securely!