1. Open a GitHub issue labeled security with no secrets, exploit code, or sensitive details.
2. Email security@graphistry.com with reproduction details and impact.

Please include:

• steps to reproduce
• affected files/paths
• expected vs actual behavior
• mitigation ideas (if any)

We aim to acknowledge reports within 48 hours and provide an update on triage status and next steps.

We will validate severity, prepare a fix/release plan, and coordinate disclosure timing with the reporter when possible.