Security support applies to the current main branch and the latest GitHub Release tag.

Please do not open public issues for sensitive vulnerabilities.

Use GitHub Security Advisories for this repository when available. If that is not available, contact the repository owner through GitHub and share only the minimum information needed to coordinate a private report.

Do not include secrets, access tokens, private GitHub data, private repository names, or personal data in public discussions.

Buildmarks is a public-data GitHub profile README artifact generator. Security reports should focus on the public core, GitHub Action behavior, generated SVG or HTML output, token handling, and public GitHub collector behavior.