OpenWork is under active development and we prioritize fixes on the latest release and the current dev branch.

Please do not open public GitHub issues for security vulnerabilities.

Instead, report vulnerabilities privately to:

• Email: benjamin.shafii@gmail.com
• Subject: [OpenWork security] <short summary>

Please include:

• A clear description of the issue
• Reproduction steps or proof of concept
• Impact assessment
• Suggested remediation (if known)

• We will acknowledge receipt within 3 business days.
• We will provide an initial triage status within 7 business days.
• We will share remediation or mitigation guidance as soon as available.

Please keep details private until a fix or mitigation is available and maintainers confirm public disclosure timing.