Security fixes are applied to the latest version on main.
Please do not open a public issue for undisclosed vulnerabilities.
Instead, report privately by emailing:
kieran@every.to
Include:
- A clear description of the issue
- Reproduction steps or proof of concept
- Impact assessment (what an attacker can do)
- Any suggested mitigation
We will acknowledge receipt as soon as possible and work with you on validation, remediation, and coordinated disclosure timing.
This repository primarily contains plugin instructions/configuration plus a conversion/install CLI.
- Plugin instruction content itself does not run as a server process.
- Security/privacy behavior also depends on the host AI tool and any external integrations you explicitly invoke.
For data-handling details, see PRIVACY.md.