STIGPilot is a local helper for STIG change analysis and workflow preparation. It does not validate compliance, scan hosts, or remediate systems.

Do not include sensitive evidence, hostnames, credentials, classified data, or restricted organizational information in issues, pull requests, screenshots, or sample files.

To report a security concern, open a private advisory on GitHub if available, or contact the repository owner directly through GitHub.