Do not open a public issue.

Email: [email protected]

You will receive an acknowledgment within 48 hours. We will provide a timeline for a fix within 5 business days.

• @skrun-dev/* npm packages
• Agent runtime execution (sandbox, tool calling, LLM routing)
• Registry API (auth, push/pull, POST /run)

• Social engineering
• Denial of service attacks
• Issues in third-party dependencies (please report upstream)
• Vulnerabilities in LLM provider APIs