Privacy Filter is designed for local text sanitization, so security and privacy issues deserve private handling whenever disclosure could expose a user workflow, a secret-handling gap, or an exploit path.
Security fixes are expected to land on the latest main branch state first. Older commits or branches may not receive backports.
- Prefer GitHub private vulnerability reporting if it is enabled for the repository.
- If private reporting is unavailable, contact the maintainer through the repository owner's GitHub profile before opening a public issue.
- Do not post exploitable details, secrets, personal data, or reproduction payloads in a public issue.
- affected version, commit, or branch
- impact summary
- reproduction steps
- whether the issue can expose secrets, personal data, or unintended network transmission
- any suggested mitigation if you already have one
The goal is to acknowledge new reports promptly, confirm impact, and coordinate a fix before public disclosure when possible.