Only the latest version on main is considered supported.

Please do not open public issues for sensitive vulnerabilities.

Report privately by contacting the repository owner with:

• A description of the issue
• Impact assessment
• Reproduction steps
• Suggested mitigation (if available)

You will receive an acknowledgment as soon as possible.

• Never commit .env.
• Rotate Telegram bot tokens immediately if exposed.
• Keep chat IDs private when command access is restricted.