Please do not open a public GitHub issue for security vulnerabilities.

Report security issues by using GitHub's private vulnerability reporting on this repository.

Include:

• A description of the vulnerability and its impact
• Steps to reproduce (proof-of-concept if possible)
• Affected versions/commits

We will acknowledge your report within 72 hours and aim to release a fix within 7 days for critical issues.

This project contains development tools and data extraction scripts. Relevant vulnerability classes:

• Supply chain risks (compromised scripts in the repository)
• Path traversal or arbitrary file write in extraction scripts
• Code injection via malformed input data

Out of scope: game logic bugs, upstream dependency issues.