If you find a security issue, do not open a public issue with sensitive details.
Please report it privately to:
official@mythicalhelper.org
Include:
- a short description of the issue
- affected route, page, or component
- reproduction steps
- impact if known
Sensitive areas include:
- authentication and magic-link flows
- session handling
- D1 record access controls
- Zoho email configuration
- any exposure of personal email addresses or verification tokens
We will review reports as quickly as possible and coordinate a fix before public disclosure when appropriate.