The main branch is actively maintained and receives security updates.
Please open a private security advisory in GitHub Security Advisories for this repository.
If advisory access is unavailable, open an issue titled security: private disclosure request
without including exploit details. Maintainers will provide a private channel.
Please include:
- Affected component (
backend/engine,backend/cli, orweb) - Reproduction steps and impact
- Suggested remediation (if available)
We aim to acknowledge reports within 72 hours.