This shelf is governance documentation and scripts, not a runtime service.

Use Private vulnerability reporting on the hosted repository: https://github.com/maruwork/github-optimization/security/advisories/new

You can also open a private security advisory from the repository Security tab.

Include:

• affected file path
• reproduction steps if script-related
• whether a target product repository is impacted

Target product vulnerabilities belong in those product repositories, not in this generic shelf.