I currently do not have a workflow for handling security issues in my projects. If you find a security vulnerability, please open an issue for the project (don't provide details on how to reproduce the issue) and we can discuss a method of communication from there.