[Security] Critical vulnerability reporting (RCE) #52
Description
Description I have discovered a critical security vulnerability (Remote Command Execution via Prompt Injection) in this project.
Note Since "Private Vulnerability Reporting" is not enabled on this repository and there is no SECURITY.md file, I cannot report this privately via GitHub.
Action Required Could the maintainer please provide a security email address or a way to contact you privately? I have a full PoC and reproduction steps ready to share, but I do not want to disclose them publicly here to protect existing users.
Thanks. (this comment was summaried by gemini.)