Only the latest release/state on the master branch is actively supported with security updates.

We take the security of this project and the safety of user-trained checkpoints very seriously. If you discover a security vulnerability (such as remote code execution vectors during serialized model loading, arbitrary data access via manifests, or API token leaks), please report it responsibly.

Please do not report security vulnerabilities through public GitHub issues.

Instead, please send an email directly to the project maintainer at purvanshjoshi7534011576@gmail.com.

• A descriptive subject line (e.g., "Security Vulnerability: Arbitrary File Read in Manifest Preprocessor").
• A detailed description of the vulnerability and its potential impact.
• Steps to reproduce the issue (including proof-of-concept scripts or manifest samples).
• The environment/OS used during testing.

• You will receive an acknowledgment of your report within 48 hours.
• We will coordinate with you to investigate and resolve the issue.
• Once a fix is verified and pushed to the master branch, we will acknowledge your contribution (unless you prefer to remain anonymous).