Always update to the latest release: innerwarden upgrade

Do not open public issues for security vulnerabilities.

Use GitHub private vulnerability reporting to report securely.

Include:

• InnerWarden version (innerwarden status)
• Steps to reproduce
• Impact (what an attacker can do)
• Whether responder was enabled (dry_run = true or false)

• Acknowledge within 48 hours
• Validate and assess severity
• Fix and release a patched version
• Credit the reporter (unless they prefer anonymity)

Inner Warden includes:

• Dependency auditing - cargo-deny runs on every push (RustSec advisories + license compliance)
• Secrets scanning - gitleaks + GitHub secret scanning with push protection
• Automated dependency updates - Dependabot weekly
• GitHub Actions pinned to SHA - prevents supply chain attacks
• Branch protection - CI + Security checks required before merge
• Append-only audit trail - every decision logged to JSONL, immutable
• Safe defaults - dry_run = true, responder disabled, confidence threshold above max on install