Do not open a public issue. Instead, use GitHub Security Advisories to report the vulnerability privately.

Alternatively, contact the maintainer directly.

Only the latest version receives security updates.

• No credentials are stored in the repository
• Install scripts write only to user-level directories (~/.claude/)
• Extension Python dependencies are installed in isolated virtual environments
• Extension Node.js dependencies are installed locally (no global installs)