Starwatcher is currently an early prototype. Security fixes should target the default branch.

Please do not open a public issue for sensitive security reports.

Use GitHub private vulnerability reporting if it is enabled for this repository. If it is not enabled, contact the maintainer through their GitHub profile and include:

• a short description of the issue
• steps to reproduce
• expected impact
• affected files or versions, if known

Please do not include real secrets, private keys, or personal data in reports.

The current app does not require secrets. Local .env files are ignored by git. Keep .env.example limited to placeholders and safe defaults.