If you discover a security issue, please do not open a public issue.
Instead, report it privately to the maintainers through the DREAMVFIA UNION GitHub organization contact path and include:
- A clear description of the issue
- Steps to reproduce
- Potential impact
- Suggested remediation, if available
Security reports are especially helpful for:
- Authentication and authorization
- Secrets handling
- API exposure
- Container and deployment configuration
- Dependency vulnerabilities
- Unsafe code execution or tool access
We appreciate responsible disclosure and will review legitimate reports as quickly as possible.