Please do not open a public issue for security vulnerabilities.

Instead, email security@idevtim.com with:

• A description of the vulnerability
• Steps to reproduce
• Potential impact

• Initial response: within 48 hours
• Fix timeline: depends on severity, but we aim for a patch within 7 days for critical issues

Security concerns relevant to DeMarkup include:

• Content script injection or XSS via converted page content
• Clipboard data leakage
• Unexpected permission escalation
• Data exfiltration through the extension

Thank you for helping keep DeMarkup safe.