Report privately via GitHub Security Advisories. We respond within 72 hours.

• Workflow execution engine (arbitrary code risks)
• API authentication and authorization
• Integration connector credential handling
• Agent execution sandbox