This repository is an engineering portfolio / MVP demo. Security fixes are
applied on a best-effort basis on the main branch.
Please do not open a public GitHub issue for security-sensitive reports.
Email the repository owner via GitHub profile contact or open a private security advisory on GitHub if enabled for this repository.
Include:
- Description of the issue and potential impact
- Steps to reproduce
- Affected paths or commit hash
We aim to acknowledge reports within 7 days.
Do not commit API keys, signing keys, .env files, keystores, or provisioning
profiles. Report accidental exposure immediately so credentials can be rotated.