Please do not open public issues for vulnerabilities that could expose mailbox contents, credentials, tokens, local model prompts, or deployment secrets.
Report security concerns to the repository owner through GitHub private vulnerability reporting when available, or by contacting the maintainer through their public GitHub profile:
https://github.com/baditaflorin
Security-sensitive areas include:
- IMAP credential handling
- mailbox import and parsing
- local index storage
- encrypted runtime data
- Docker and nginx deployment settings
- GitHub Pages frontend configuration