Security fixes target the latest released version of causetrace.
Do not open a public issue for vulnerabilities, credentials, or sensitive trace data. Use the repository's Security tab and select Report a vulnerability to submit a private report, including:
- the affected version or commit;
- minimal reproduction steps;
- impact and suggested remediation, if known;
- redacted evidence only.
Runtime traces can include prompts, source paths, tool output, and secrets. Remove sensitive values before attaching any sample to a report or pull request.