Please report security issues privately.

Disclosure contact: https://github.com/baditaflorin/local-proofreader/security/advisories/new

Do not open a public issue for vulnerabilities involving data exposure, dependency compromise, or browser-extension privilege escalation.

Local Proofreader should never send draft text to a server. Reports that show text leaving the browser are treated as high priority.