If you discover a security vulnerability in FLONK, please report it responsibly:

1. Do not open a public issue
2. Instead, open a private security advisory on GitHub
3. Or contact the maintainer directly

We will acknowledge your report within 48 hours and work on a fix.

This policy applies to the FLONK game client code in this repository. Backend services and infrastructure are out of scope.