If you believe you have found a security or privacy issue in this project, please report it privately.

• email: devs@put.io

Private reports are preferred for security and privacy issues.

If you are unsure whether something is sensitive, email first instead of opening a public issue.

Useful reports usually include issues involving:

• authentication, authorization, or session handling
• token, secret, or credential exposure
• command injection, path handling, or unsafe shell behavior
• privilege escalation or access-control bypass
• private or user data exposure

• test only against accounts, environments, and data you control
• keep testing non-destructive, low-volume, and limited to systems you control
• keep reports focused on technical vulnerabilities in this repository

This repository does not currently publish a formal supported-version policy. Report issues against the latest released CLI or the current main branch.

Please allow a reasonable amount of time to investigate and fix the issue before sharing details publicly.

If the report is valid, we will work on a fix and coordinate disclosure as appropriate.