This tool is early-stage. Security fixes are best-effort.

If you discover a security issue, do not open a public issue. Contact the maintainers privately.

• Treat corpora, queries, and retrieved results as untrusted inputs.
• Run in sandboxed CI when testing untrusted content.