Security: informigados/pixel-forge

SECURITY.md

🔐 Security Policy

✅ Supported Versions

Security fixes are applied to the latest state of the main branch.

🚨 Reporting a Vulnerability

Please report vulnerabilities privately before public disclosure.

Preferred channels:

  1. GitHub Security Advisories for this repository.
  2. E-mail: security@informigados.com.br

Include:

  1. Clear impact description.
  2. Reproduction steps or proof of concept.
  3. Affected files/endpoints.
  4. Suggested mitigation (if available).

🛡️ Security Baseline

Pixel Forge enforces:

  1. Local-only architecture by default.
  2. Host header validation.
  3. Security response headers.
  4. Path access restrictions for preview/open operations.
  5. Filename sanitization and controlled temporary directories.

There aren’t any published security advisories