Security: SamDev1303/claudeking.cloud

Security Policy

Reporting a Vulnerability

If you discover a security issue, do not open a public issue with exploit details.

Please report privately to the repository owner with:

  • affected file/component
  • reproduction steps
  • impact summary
  • suggested fix (if available)

Security Principles in This Project

  • Telegram user allowlist (ALLOWED_USER_IDS)
  • Subprocess environment whitelist (not full parent env passthrough)
  • Output redaction before Telegram delivery
  • Command guardrails against unsafe shell patterns
  • Local .env only; no secrets in tracked files
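
A Python sketch of three of the principles above (user allowlist, subprocess environment whitelist, output redaction). It is an added example, not code from this repository; apart from ALLOWED_USER_IDS, every name and the whitelist contents are assumptions.

```python
import re
import subprocess

# Only ALLOWED_USER_IDS is named on the page; all other names are hypothetical.
ENV_WHITELIST = ("PATH", "HOME", "LANG")  # assumed set of variables a tool may see
SECRET_NAME = re.compile(r"KEY|TOKEN|SECRET|PASSWORD", re.I)


def parse_allowed_ids(raw):
    """Parse a comma-separated ALLOWED_USER_IDS value; fail closed if malformed."""
    parts = [p.strip() for p in (raw or "").split(",") if p.strip()]
    if not all(p.isascii() and p.isdigit() for p in parts):
        return frozenset()  # one bad entry denies everyone rather than guessing
    return frozenset(int(p) for p in parts)


def is_allowed(user_id, allowed):
    """An empty allowlist means nobody is allowed, never everybody."""
    return user_id in allowed


def child_env(parent_env):
    """Build the subprocess environment from the whitelist only."""
    return {k: parent_env[k] for k in ENV_WHITELIST if k in parent_env}


def redact(text, parent_env):
    """Replace the value of any secret-looking parent variable found in text."""
    for name, value in parent_env.items():
        if SECRET_NAME.search(name) and len(value) >= 8:
            text = text.replace(value, "[REDACTED]")
    return text


def run_tool(argv, parent_env):
    """Run argv without a shell, with the filtered env, and redact its output."""
    proc = subprocess.run(argv, env=child_env(parent_env), capture_output=True,
                          text=True, timeout=30, check=False)
    return redact(proc.stdout + proc.stderr, parent_env)
```

Exact-value redaction only catches secrets the parent process knows about, so it complements the environment whitelist and does not replace it.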

Secret Handling Rules

  1. Never commit API keys or tokens.
  2. Keep .env local and gitignored.
  3. Use .env.example for templates only.
  4. Rotate keys immediately if exposure is suspected.

Recommended Operator Practices

  • Run with least-privilege keys.
  • Restrict Telegram allowed user IDs to known operators only.
  • Audit logs/ and data/ access permissions.
  • Review changes before enabling new tools/providers in production.

There aren’t any published security advisories