The main branch and the latest tagged release are supported for security reports.

Please open a private security advisory if available, or contact the maintainer through GitHub.

Do not include private financial data, credentials, brokerage data, wallet data, or personal account information in public issues.

This project should not require:

• brokerage access,
• wallet access,
• email access,
• credentials,
• .env files,
• private account access,
• scraping behind logins or paywalls,
• or paid APIs for core functionality.

If a contribution introduces any of the above, it requires explicit maintainer review and is likely out of scope for the core repo.