Security issues include:

• Vulnerabilities in automation scripts or JSON workflows
• Exposure of private data, credentials, or API keys
• Flaws enabling unsafe or unintended automated behavior, especially if triggerable remotely or without explicit user consent

Model output quality or coaching logic disagreements are not security issues.

Use GitHub Private Vulnerability Reporting
(Security tab → "Report a vulnerability").

If unavailable, open a GitHub issue marked Security without sensitive details.

Reports are acknowledged within 7 days.

Confirmed issues will be fixed or mitigated before public disclosure.