AWS Okta Keyman handles authentication and given that there's certainly concerns about security. Given how this project has been written and that it runs locally and is user-driven it's highly unlikely that there is going to be a security vulnerability in the project that requires private disclosure. In such a case, however, please contact me directly.