Active development is on main. Hosted instance: deploy-panel.opentriologue.ai, tracks main.

deploy-panel manages VPS deployments and orchestrates agent-relay, so vulnerabilities (auth bypass, command injection, secret leak, privilege escalation) are treated as serious by default.

Please do not open a public GitHub issue for security reports.

Email contact@lan-nguyen-si.de with:

• Affected surface (backend, frontend, mcp, action, hosted instance)
• Reproduction steps or proof-of-concept
• Impact assessment

You will get an acknowledgement within 72 hours and an initial assessment within 7 days. A fix timeline depends on severity and complexity, communicated in the assessment.