If you discover a security vulnerability in this project, please:

1. Do NOT open a public issue
2. Contact the maintainer directly at yasenvarf@gmail.com
3. Include a description of the vulnerability and steps to reproduce
4. Allow time for the issue to be addressed before public disclosure

We will respond within 48 hours and work to resolve the issue as quickly as possible.

• Never commit .env files with real credentials
• Use .env.example as a template
• Rotate API keys regularly
• Keep dependencies updated