Please do not open a public GitHub issue for security-sensitive reports.

Email security concerns to the maintainers via GitHub private vulnerability reporting on Pytxo-dev/pytxo, or contact the org owners directly.

We aim to acknowledge reports within 72 hours.

• pytxo CLI, MCP server, and Rust crates
• Pytxo Reality Deck (see pytxo-desktop when split)

Out of scope: vulnerabilities in third-party agent CLIs (Claude, Codex, etc.) invoked via pytxo run --cmd.