If you discover a security issue in this project, please do not open a public issue. Instead, report it privately so we can address it responsibly.

• Email: scott@sketchandbuild.com (or your alternate secure contact method)

You can also use GitHub's private vulnerability reporting feature.

We aim to respond to reports within 48 hours and resolve confirmed issues as quickly as possible.

This project is a CLI tool and does not directly handle user input or authentication. However, it does interact with local and remote file systems and should be considered sensitive in automated pipelines or cloud environments.

We appreciate responsible security research and will credit any reporters who help us keep the project safe.

I am just one guy making my work public, for free, to give back to the community. I cannot offer any bug bounties or monetary rewards. However, I will gladly accept any help you can provide in making this project better.