Since plugins use the internet, security is a top priorty. Writing thread-safe, protected, and working code is very important, and we want to uphold those standards as much as possible

• Do not use any other version or server API than what is explicitly stated in the README.
• If you are fearful, refrain from using any content that is in pre-release status or recently merged from an external user
• Look for any open security issues on a plugin before downloading. If there are any open, refrain from using it.
• Refrain from editing source code unless you know what you are doing
• Use common sense and instinct, if necessary

If you find any sort of security, immediately open an issue in the Issues tab and add the label If the vulnerability is super important and dangerous, add the and labels

If a security problem was already picked up by the Codacy Security Scan in the Security tab, it is known, and there is no need to report it; it is being worked on