If you believe you have found a security vulnerability in WhaleWhisper, please do not open a public issue with exploit details.
Use the repository’s Security → Advisories feature to report privately (if enabled).
Open an issue with high-level information only (no exploit, no tokens/keys, no sensitive logs), and state that you are requesting a private channel for full details.
Before sharing logs/configs, please redact:
- API keys / tokens
- Access credentials
- Private URLs / internal IPs
- Personal data