If you discover a security issue, use GitHub Security Advisories for this repository or email jscraik@brainwav.io.

Last updated: 2026-01-04

This CLI is read-only by design and stores credentials encrypted locally. Report security issues privately using GitHub Security Advisories or email. Include reproduction steps with secrets removed, and maintainers will coordinate fixes.

• Audience: security researchers and users reporting vulnerabilities.
• Scope: how to report security issues for this repository.
• Non-scope: support requests or public disclosure timelines.
• Owner: repository maintainers.
• Review cadence: every release or at least quarterly.
• Required approvals: maintainers for public changes.

For details, see docs/SECURITY.md.