//nefariousplan

Extension As Mitigation

A library exposes a subclass, callback, or hook framed in the documentation as the seam where the consumer adds security validation, while keeping the unsafe sinks inside the library and never enumerating the inputs the consumer must sanitize. The extension is positioned as the fix; using it does not close the gap.
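A minimal illustration of the pattern, added here and not taken from any real library: `Loader`, `check_name`, `ConsumerLoader`, `ContainedLoader`, `escapes_root` and the `ROOT` path are all hypothetical. The documented hook sees only `name`, while the library's own path join also consumes `locale`; the last class shows the check moved to the sink, where every input is visible.

```python
import posixpath

ROOT = "/srv/templates"  # constructed base directory; nothing is read from disk

class Loader:
    """Hypothetical library class; its docs say 'override check_name() to validate'."""
    def check_name(self, name):        # the advertised extension seam
        return True

    def resolve(self, name, locale):   # the sink stays inside the library
        if not self.check_name(name):
            raise ValueError("rejected by check_name")
        # locale also reaches the path join, but the hook is never shown it
        return posixpath.normpath(posixpath.join(ROOT, locale, name))

class ConsumerLoader(Loader):
    """Consumer follows the docs and validates everything the hook receives."""
    def check_name(self, name):
        return "/" not in name and ".." not in name

class ContainedLoader(Loader):
    """Library-side fix: the sink enforces containment on the final path."""
    def resolve(self, name, locale):
        path = super().resolve(name, locale)
        if posixpath.commonpath([ROOT, path]) != ROOT:
            raise ValueError("resolved path escapes ROOT")
        return path

def escapes_root(loader, name, locale):
    """True if the loader returns a path outside ROOT for these inputs."""
    try:
        path = loader.resolve(name, locale)
    except ValueError:
        return False
    return posixpath.commonpath([ROOT, path]) != ROOT

if __name__ == "__main__":
    bad_locale = "../../outside"       # constructed input the hook never sees
    print(escapes_root(ConsumerLoader(), "index.html", bad_locale))
    print(escapes_root(ContainedLoader(), "index.html", bad_locale))
```

`ContainedLoader` does not override the hook at all: the containment holds because the check sits where the final path is known, not because the consumer guessed which inputs to sanitize.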