Security

Reporting a security issue

We take security reports seriously and want them easy to send. Where a report goes depends on what it's about.

The Editmamei software

For a vulnerability in the editmamei npm package (the CLI and the MCP server you install), the full policy lives on GitHub: scope, what to include, and our response timelines. The preferred channel is a private security advisory, which keeps your report confidential while we work on a fix.

Report a vulnerability privately (preferred)
Read the security policy on GitHub.

Please don't open a public GitHub issue for a security bug. The tracker is public, so the report would be too.

This website

For an issue in editmamei.com itself or its hosting, email security@editmamei.com. A PGP key is available on request.

Back to home →