If you find a security issue in the scanner itself (e.g. a way to make it execute scanned content, a path-handling bug, or a crash on hostile input), please report it privately:
- Open a GitHub Security Advisory, or
- Email the maintainers (see the repository owner's profile).
Please do not open a public issue for a vulnerability until it has been addressed. We aim to acknowledge reports within a few days.
This is a defensive tool. If you have new indicators of compromise for the EtherHiding / UNC5142 campaign (or a related build-config loader), please open a normal pull request or issue with the indicators and, ideally, a reference. Share hashes/IOCs — not live malware samples or proprietary source.
The scanner only reads files and runs read-only git commands. It never executes,
evals, requires, builds, or network-fetches the code it inspects, and ships no
live payloads (test fixtures are inert synthetic stand-ins). If you believe any of
those properties is violated, treat it as a security issue and report it as above.