Please do not open public issues for security-sensitive reports.

If GitHub private vulnerability reporting is enabled for this repository, use the repository security advisory flow.

If private vulnerability reporting is not available, contact the maintainers privately before publishing details. Include enough information for maintainers to reproduce and assess the issue, but do not include unnecessary secrets or customer data.

Security page: https://github.com/zgiai/zgi/security

Helpful details include:

• affected component or service
• affected version or commit
• reproduction steps
• expected impact
• logs, screenshots, or proof-of-concept code when appropriate

Use public issues for non-sensitive bugs and hardening suggestions that do not disclose exploitable details.

Never include API keys, tokens, private credentials, production URLs, or customer data in issues, pull requests, logs, screenshots, or examples.