If you discover a security vulnerability in RepoGuard, please report it by emailing syntaxhq.dev@gmail.com. Do not open a public issue.

We will acknowledge your report within 48 hours and provide an estimated timeline for a fix.

• RepoGuard only reads public repository metadata
• GitHub tokens with no scopes or public_repo scope are sufficient
• No sensitive data is ever stored or transmitted