Community Security Update

[mrT23]

We value our community's security feedback and take all potential vulnerability reports seriously.

We recently became aware of public claims regarding an unhandled vulnerability in pr-agent.
To ensure transparency:

1. We received an initial email about a potential vulnerability
2. Our team promptly responded requesting additional details (see here)
3. No further information was provided by the reporter
4. We finally learned of the specific concerns through a public post.
5. While some of the issues raised were overstated, they highlighted areas for improvement in our infrastructure. We promptly addressed the underlying matters and implemented additional safeguards, as detailed in our recent changelog.

If you discover a potential security vulnerability, please contact us at [email protected].
We are committed to maintaining the security of our open-source community.