Security concerns include secrets exposure, raw-data integrity, and supply-chain safety for development tooling.

Do not print tokens, SSH keys, credentials, or credential-bearing environment variables.

Raw evidence must be immutable and hash-locked before use in future research.

Use trusted package managers and exact package IDs. Do not install tools from arbitrary scripts or unverified URLs.

Report security or integrity issues with enough detail to reproduce the concern without exposing secrets.