x-dms may handle sensitive data: X session cookies, proxy credentials, and private DMs.
Do not open a public GitHub issue.
Instead, contact the maintainers privately (add/confirm your preferred contact method here):
- Email: security@desearch.ai (example)
- Or open a GitHub Security Advisory (preferred)
- Do not log cookies/auth headers
- Redact secrets in any debug dumps
- Recommend encryption at rest for secrets
- Use least-privilege credentials
- Validate inputs (avoid injection/SSRF via proxy settings, etc.)