If you find a security issue, data exposure risk, or prompt-injection path that could cause unsafe medical or document handling behavior, please report it privately to the maintainer before opening a public issue.

• Do not commit API keys, .env files, or credential dumps.
• Do not commit patient-identifiable information.
• Do not commit copyrighted PDFs or extracted text from third-party materials.

This repository is a local research tool. It is not intended for unattended clinical decision-making, and its outputs should always be reviewed by a qualified human.