Please do not open a public issue for security reports.

If you believe you have found a vulnerability in ccaudit, report it privately through GitHub Security Advisories for this repository (maintainers must enable this under GitHub → Settings → Security → "Private vulnerability reporting" before the link is active). If that is not available, contact the maintainers through a private channel and include:

• a clear description of the issue
• steps to reproduce
• affected versions or commits
• any proof-of-concept details, if available

Please share only the minimum details needed to verify the issue. If the report involves secrets, tokens, or local configuration data, redact them before sending.

We will review private reports as quickly as possible and coordinate a fix or disclosure path before public release.