I noticed that this project hasn't set up a SECURITY.md file yet. Adding one would help researchers and users understand how to report potential security vulnerabilities responsibly.
