Report vulnerabilities privately via GitHub's private vulnerability reporting, or by emailing the repository owner.

Do not include access tokens, recovery keys, pickle keys, or Matrix session stores in public issues.

This project is pre-1.0.0 and experimental. Security fixes target the latest published version.