Please report security vulnerabilities by email to y.suwa@kairotech.jp.
Do not open a public GitHub issue for security-sensitive matters.
We will respond within 5 business days and aim to release a fix within 30 days of confirmation.
- Authentication and session handling
- Multi-tenant data isolation
- File access controls
- API key exposure