Please do not report security issues in public GitHub issues or discussions.

For the canonical GitHub repository, use GitHub's private vulnerability reporting flow:

1. Open the repository's Security tab.
2. Choose Report a vulnerability.
3. Include reproduction steps, impact, and any suggested mitigation.

If private reporting is not yet enabled on the repository you found, do not open a public issue. Contact the maintainer privately before disclosure.

We will acknowledge new reports as soon as practical and aim to follow up with triage status, impact assessment, and any remediation timeline once confirmed.

Until Aetrain has tagged releases, only the current main branch is supported for security fixes.