Do not open public issues for suspected vulnerabilities.

Please report privately if you find:

• unsafe command execution
• incorrect trust boundaries between June, ARGUS, ATLAS, and Operator
• contract parsing vulnerabilities
• secret exposure in artifacts or logs
• path traversal or arbitrary file write issues

Use GitHub private vulnerability reporting if available, or contact the maintainer through a private channel first.