Only the latest published version is considered supported for security fixes.
Please do not open a public issue for a security problem.
Report security concerns privately through GitHub direct contact with the maintainer of this repository. Include:
- what is affected
- how it can be reproduced
- expected impact
- any suggested mitigation
Examples of security-sensitive issues for this project:
- arbitrary file write outside intended handoff locations
- unexpected execution paths during install
- leakage of sensitive local file paths or credentials
- plugin behavior that silently bypasses explicit user intent
We will investigate and respond as quickly as possible.