If you find a security issue in an Off By One project, please report it responsibly.
Do not open a public issue for sensitive vulnerabilities.
Contact the maintainer through GitHub first with:
- affected repository
- short description
- steps to reproduce
- possible impact
Security reports are especially important for:
- authentication
- private user data
- tokens or API keys
- file imports and exports
- browser storage
- AI workflow logging
We will try to acknowledge valid reports quickly and keep the fix focused.