Please report security vulnerabilities by email to owen@switchifyapp.com.

Do not open a public GitHub issue for vulnerabilities, pairing bypasses, authentication weaknesses, secret exposure, or remote command execution concerns.

Please include:

• A description of the issue.
• Steps to reproduce it.
• The affected version or commit, if known.
• Any relevant logs with secrets, pairing tokens, auth headers, and typed text payloads removed.

We will acknowledge valid reports as soon as practical and coordinate fixes before public disclosure.