Security: Topo-lang/topo-lang-python

Security Policy

Reporting a vulnerability

Please report suspected security issues through GitHub's private security advisories rather than a public issue or pull request:

https://github.com///security/advisories/new

A maintainer will acknowledge the report within a reasonable window and work with you on a coordinated disclosure timeline. We appreciate responsible disclosure and will credit reporters in the release notes unless you prefer to remain anonymous.

Scope

Reports are welcome for any defect that could let an attacker:

  • execute code outside the documented sandbox of a Topo tool (topo, topo-build, topo-check, topo-transpile, topo-lsp, …),
  • escape the containment guarantees that a .topo declaration is meant to enforce against host code,
  • cause memory corruption in a backend runtime (libtopo-parallel, libtopo-arena, …),
  • exfiltrate credentials, source, or build artifacts through a Topo tool's network or filesystem behavior.

Out of scope: vulnerabilities in third-party dependencies (please report those upstream), and issues that require a malicious developer to already have write access to the build configuration.

AI-assisted code

This project is developed with substantial AI assistance — see AI-DECLARATION.md. The code reflects directed iteration but does not carry a line-by-line manual audit guarantee. Security reports are therefore especially welcome.
