If you find a real security issue in MCP Preflight itself, do not post the details in a public GitHub issue.
Use the private reporting path instead:
- GitHub Security tab ->
Report a vulnerability
Please include:
- what you found
- which version you tested
- how to reproduce it
- any proof-of-concept material that will help confirm the issue quickly
For non-sensitive bugs, false positives, and product feedback, use the public repo:
- GitHub Issues for bugs
- GitHub Discussions for questions and feature requests