If you believe you have found a security or safety issue, including information hazards or dual-use risks, please report via a Risk Report issue template. Avoid posting potentially enabling details publicly.

• Create a Risk Report issue with minimal, non-enabling description.
• Mark any sensitive attachments as private and avoid operational specifics.
• Stewards and Safety Maintainers will triage within 3 business days.

• We may immediately redact or revert content.
• A post-incident summary will be published in docs/incidents/.