Security fixes are prioritized for the latest released version of @iam-brain/opencode-codex-auth.
Please do not open public issues for security reports.
Use GitHub Security Advisories for private disclosure:
- Go to the repository
Securitytab. - Click
Report a vulnerability. - Include impact, reproduction steps, and affected version.
If private advisory reporting is unavailable, open a minimal issue without sensitive details and request a private contact path.
- Affected version/tag
- Reproduction steps
- Expected vs actual behavior
- Logs or screenshots with secrets redacted
- Initial triage acknowledgement target: within 5 business days
- Remediation target: based on severity and exploitability