Please do not open public issues for security vulnerabilities.

TODO: Add the project security contact or organizational reporting route.

This project may include research code, data processing, web applications, workflows, or models. Security expectations should match the project scope and risk profile.

Document:

• sensitive data assumptions
• authentication and authorization model, if any
• deployment environment, if any
• secrets management approach
• dependency update policy