We take security issues seriously and appreciate responsible disclosure.

Please do not open a public GitHub issue for security reports.

Instead, use one of these private channels:

• GitHub Security Advisories (preferred): open a private advisory in the repository.
• Email: send a report to contact@abstractcore.ai with the subject "Security report: AbstractCore".

Include as much of the following as possible:

• A clear description of the issue and why it matters.
• Steps to reproduce (proof-of-concept code is welcome).
• The affected version(s) (see abstractcore.__version__).
• Any suggested fix or mitigation, if you have one.

• We will acknowledge receipt of your report within 72 hours.
• We will work with you to assess impact, determine a fix, and coordinate a disclosure timeline.

Security fixes are typically released for the latest published version.