Only the latest minor release is supported for security fixes.

If you discover a safety bypass, parser bug, or configuration issue that could cause unintended destructive execution, report it privately before opening a public issue.

• Never execute destructive commands from the helper layer.
• Prefer false positives over false negatives for risky operations.
• Make wrapper parsing explicit and auditable.
• Keep config generation separate from config mutation.