Do NOT report security vulnerabilities through public GitHub issues.

Report via:

1. GitHub Security Advisories
2. Email: cj@imti.co

• Acknowledgment within 48 hours
• Fix within 90 days
• Credit in release notes

1. Credentials: Use environment variables, never commit secrets
2. Network: Always use HTTPS for DataHub connections
3. Access Control: Use DataHub's built-in authorization
4. Logging: Monitor for unusual query patterns

• Query limits prevent excessive data transfer
• Timeouts prevent long-running operations
• SSL/TLS support with certificate verification
• Token redaction in logs