IQT Labs takes the security of its projects very seriously. If you find a vulnerability or a bug with security implications we want to hear about it. That being said, please do not submit an issue via the standard issue tracker as these are publicly visible. Instead we ask that you email your findings to our security team at LabsSecurity+aisonobuoy@iqt.org so that we can properly assess and address these issues. Please err on the side of caution, even partial or fragmentary information may be helpful to us.
We will attempt to confirm all reports within 72 hours. Triage and remediation timelines will depend on the nature and complexity of the issue found.
We appreciate the efforts of anyone attempting to help improve the security of our tools!