If you discover a security vulnerability, please report it responsibly:

1. Do not open a public GitHub issue
2. Email security concerns to: jeremy@intentsolutions.io
3. Include:
   • Description of the vulnerability
   • Steps to reproduce
   • Potential impact
   • Suggested fix (if any)

We will acknowledge receipt within 48 hours and provide a detailed response within 7 days.

• Keep dependencies updated
• Never commit secrets or credentials
• Use environment variables for sensitive configuration
• Follow the principle of least privilege