We take security seriously. If you discover a security vulnerability:

1. DO NOT open a public issue
2. Email us at security@opensin.ai
3. Include detailed steps to reproduce
4. We will respond within 48 hours

• Never commit API keys or secrets
• Use environment variables for sensitive data
• Review all PRs for security implications
• Keep dependencies up to date

We offer rewards for responsible disclosure of security vulnerabilities.