If you believe you have found:
- a security vulnerability, OR
- a privacy issue (e.g., sensitive data accidentally shared)
Do not open a public GitHub issue.
Instead, contact the maintainer privately (use GitHub’s private vulnerability reporting if enabled, or email if provided in the repo profile).
Include:
- a clear description of the issue
- where it appears (file/path/link)
- what data might be exposed (if applicable)
- steps to reproduce (synthetic data only)
This repository is for code and documentation only.
Do NOT post or commit:
- student/staff identifiers (names, IDs, emails, usernames)
- raw Maxient exports or reports
- case narratives, incident descriptions, notes, attachments
- screenshots containing identifying or case-specific information
- any keys/secrets used for hashing or anonymization (e.g., peppers, salts, private keys)
If you accidentally posted sensitive content:
- Delete it immediately (comment, issue, discussion, commit, etc.).
- Notify the maintainer via the private channel above.
This project is maintained on a best-effort basis. Security fixes will be prioritized for current mainline usage patterns.