If you find a security vulnerability, please report it responsibly:
- Do not open a public issue
- Use GitHub's private vulnerability reporting: Repository -> Security -> Advisories -> New
- Include a description, steps to reproduce, affected versions, and potential impact
- IMAP account configuration and mailbox access
- Local document downloads and conversion output
- Local metadata files below
%USERPROFILE%\.univ_docs_grabber\ - Optional OCR and PDF conversion integrations
Out of scope: public test fixtures that contain no real credentials, issues caused by unsupported third-party OCR or PDF tools, and vulnerabilities that require malicious local administrator access.
As a solo project, response times may vary. Critical issues will be prioritized. Please allow reasonable time before public disclosure.