Security fixes are accepted for the current 1.x line.

Do not open a public issue for credentials, private data, or exploitable behavior. Use GitHub private vulnerability reporting or contact the repository owner privately.

Include reproduction steps, affected files, expected impact, and any suggested mitigation.

• Never commit .env, .cache/reddit-api/, raw Reddit comments, private spreadsheets, or API responses.
• Reddit OAuth collection is read-only and opt-in.
• API credentials must be supplied through environment variables.
• Publishing remains a human-reviewed action.
• Automated Reddit posting is outside project scope.