Security: BrandoBank/sentinel

SECURITY.md

Security Policy

Supported Versions

Version       | Status
main branch   | ✅ Actively maintained

Scope

sentinel is a read-only log analysis tool. It makes no network connections, writes to no files (stdout excepted), does not modify system state, and executes nothing beyond the command you invoke it with. Its attack surface is therefore limited to:

  • Malicious log input — crafted auth.log content designed to trigger ReDoS (catastrophic regex backtracking) or to produce incorrect findings
  • Path traversal — the logfile argument accepts an arbitrary file path; in an automated pipeline, validate that path before passing untrusted arguments to the tool
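As an added illustration of both points above (not sentinel's own code): a check that confines the logfile argument to an allowed directory, plus a line-length cap and an anchored, non-nested regex so a crafted line cannot drive the matcher into catastrophic backtracking. The Python CLI shape, the allowed root, the sample lines and the pattern are all assumptions.

```python
import re
from pathlib import Path
from typing import Iterable, List, Tuple

# Constructed sample lines in the shape of an sshd auth.log; not taken from the project.
SAMPLE_AUTH_LOG = [
    "Jan 10 09:12:33 host sshd[1234]: Failed password for invalid user admin from 203.0.113.7 port 51234 ssh2",
    "Jan 10 09:12:40 host sshd[1234]: Accepted publickey for alice from 198.51.100.4 port 50022 ssh2",
]
MAX_LINE_BYTES = 4096  # real auth.log lines are far shorter; anything bigger is treated as hostile


def is_within(path: Path, root: Path) -> bool:
    """True if `path` (already resolved) lies at or below `root` (already resolved)."""
    try:
        path.relative_to(root)
        return True
    except ValueError:
        return False


def validate_logfile_path(arg: str, allowed_root: str = "/var/log") -> Path:
    """Resolve the logfile argument and refuse it unless it stays inside `allowed_root`.

    resolve() collapses '..' and follows symlinks that exist, so a traversal
    like '../../etc/passwd' or an absolute path outside the root is rejected.
    """
    root = Path(allowed_root).resolve()
    candidate = Path(arg)
    if not candidate.is_absolute():
        candidate = root / candidate
    resolved = candidate.resolve()
    if not is_within(resolved, root):
        raise ValueError(f"logfile {arg!r} resolves outside {root}")
    return resolved


# Anchored at both ends, every quantifier applies to a character class that cannot
# overlap its neighbour (\S vs. space, digits vs. '.'), so matching is linear in line length.
FAILED_PW = re.compile(
    r"^\S+ +\d+ [\d:]+ \S+ sshd\[\d+\]: Failed password for (?:invalid user )?(\S+) "
    r"from (\d{1,3}(?:\.\d{1,3}){3}) port \d+ ssh2$"
)


def parse_failed_logins(lines: Iterable[str], max_line_bytes: int = MAX_LINE_BYTES) -> List[Tuple[str, str]]:
    """Return (user, source_ip) for each failed-password line; oversized lines never reach the regex."""
    findings = []
    for line in lines:
        if len(line.encode("utf-8", errors="replace")) > max_line_bytes:
            continue
        match = FAILED_PW.match(line)
        if match:
            findings.append((match.group(1), match.group(2)))
    return findings
```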

Reporting a Vulnerability

Open a GitHub Security Advisory on this repository (private by default).

Include: description, reproduction steps, Python version, and OS.

Response SLA: acknowledgment within 3 business days, fix within 14 days for confirmed issues.