Current support target: latest main branch and newest tagged release.

Please do not open public issues for suspected vulnerabilities.

Preferred process:

1. Email lpcisystems@gmail.com (or use a private GitHub Security Advisory, if enabled).
2. Include reproduction steps, expected impact, and any known mitigation.
3. You should receive acknowledgment as soon as possible.

Before production use:

• Start in audit-first mode and validate policy against real workloads.
• Prefer --agent-pid over process-name matching.
• Keep scope allowlists narrow and explicit.
• Store logs on protected storage and define rotation/retention.
• Pair with inbound protections (for example, Little Canary) for layered defense.