This repository currently supports the main branch only.

Please open a private security advisory in GitHub if available, or contact the maintainer directly before public disclosure.

• Frontend-only app with runtime-injected Gemini key.
• No server-side storage of incident artifacts.
• Container image serves static assets with Nginx.

• Move model calls behind a backend proxy.
• Add user authentication and RBAC.
• Add request rate limiting and audit logs.