Please do not report security vulnerabilities through public GitHub issues.
Email security@rimo.app instead. We aim to acknowledge reports within a few business days.
When reporting, please include:
- The
rimoversion (rimo version) - Your OS and architecture
- Steps to reproduce
- The potential impact
Do not include secrets, API tokens, or other sensitive data in your report — redact them first.
Only the latest released version of the Rimo CLI is supported. Please upgrade to the latest release before reporting an issue.
Every release publishes a checksums.txt. Verify your download before use — see
Installation for instructions.