If you find a security issue, report it privately to the maintainer instead of opening a public issue.

Include:

• A clear description of the issue
• Steps to reproduce it
• Impact assessment
• Any suggested remediation if you have one

Relevant areas include:

• Desktop entry generation
• Backup import/export handling
• Filesystem path handling
• Browser/profile isolation
• Network-facing icon download logic