diff --git a/package/.swcrc b/package/.swcrc
index e66704b08..374eca1ba 100644
--- a/package/.swcrc
+++ b/package/.swcrc
@@ -14,7 +14,7 @@
 "module": {
 "type": "es6"
 },
- "sourceMaps": true,
+ "sourceMaps": false,
 "exclude": [
 "tests",
 ".*.test.ts$",
diff --git a/package/esm/index.d.ts b/package/esm/index.d.ts
index 295e38797..5f6137e05 100644
--- a/package/esm/index.d.ts
+++ b/package/esm/index.d.ts
@@ -23,4 +23,3 @@ declare const jwtGenCore: {
 token: typeof token;
 };
 export default jwtGenCore;
-//# sourceMappingURL=index.d.ts.map
\ No newline at end of file
diff --git a/package/esm/index.d.ts.map b/package/esm/index.d.ts.map
deleted file mode 100644
index 73d43a68a..000000000
--- a/package/esm/index.d.ts.map
+++ /dev/null
@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAWA;;;;;;;;;GASG;AACH,wBAAgB,SAAS,CACvB,UAAU,EAAE,MAAM,GAAG,MAAM,EAC3B,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,EACpB,QAAQ,SAAM,GACb,MAAM,CAWR;AAED;;;;;;;GAOG;AACH,wBAAsB,KAAK,CACzB,UAAU,EAAE,MAAM,GAAG,MAAM,EAC3B,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,EACpB,QAAQ,SAAM,GACb,OAAO,CAAC,MAAM,CAAC,CAKjB;AAED,QAAA,MAAM,UAAU;;;CAGf,CAAC;AAEF,eAAe,UAAU,CAAC"}
\ No newline at end of file
diff --git a/package/esm/index.js b/package/esm/index.js
index 782166b86..2ab233f86 100644
--- a/package/esm/index.js
+++ b/package/esm/index.js
@@ -31,11 +31,24 @@ const payload = (issuerId, duration)=>({ * @param duration * @returns */ export async function token(privateKey, issuerId, privateKeyId, duration = 500) { - const key = await importPKCS8(privateKey.toString(), 'ES256'); - return new SignJWT(payload(issuerId, duration)).setProtectedHeader({ - alg: 'ES256', - kid: privateKeyId - }).sign(key); + try { + const key = await importPKCS8(privateKey.toString(), 'ES256'); + return new SignJWT(payload(issuerId, duration)).setProtectedHeader({ + alg: 'ES256', + kid: privateKeyId + }).sign(key); + } catch (error) { + if (error instanceof Error) { + // Use predefined error messages to avoid information leakage + if (error.message.includes('PKCS8')) { + throw new Error('JWT token generation failed: Invalid key format'); + } else if (error.message.includes('sign')) { + throw new Error('JWT token generation failed: Signing operation failed'); + } + throw new Error('JWT token generation failed: Internal error'); + } + throw new Error('JWT token generation failed: Unknown error occurred'); + } } const jwtGenCore = { tokenSync, @@ -43,5 +56,3 @@ const jwtGenCore = { }; export default jwtGenCore; - -//# sourceMappingURL=index.js.map \ No newline at end of file diff --git a/package/esm/index.js.map b/package/esm/index.js.map deleted file mode 100644 index 20bd2098c..000000000 --- a/package/esm/index.js.map +++ /dev/null 
@@ -1 +0,0 @@ -{"version":3,"sources":["../src/index.ts"],"names":["SignJWT","importPKCS8","payload","issuerId","duration","audience","expiresIn","issuer","tokenSync","privateKey","privateKeyId","result","token","then","catch","error","Error","message","key","toString","setProtectedHeader","alg","kid","sign","jwtGenCore"],"mappings":"AAAA,SAAqBA,OAAO,EAAEC,WAAW,QAAQ,OAAO;AAExD,MAAMC,UAAU,CACdC,UACAC,WACgB,CAAA;QAChBC,UAAU;QACVC,WAAWF;QACXG,QAAQJ;IACV,CAAA;AAEA;;;;;;;;;CASC,GACD,OAAO,SAASK,UACdC,UAA2B,EAC3BN,QAAgB,EAChBO,YAAoB,EACpBN,WAAW,GAAG;IAEd,IAAIO;IACJC,MAAMH,YAAYN,UAAUO,cAAcN,UACvCS,IAAI,CAAC,CAACD;QACLD,SAASC;QACT,OAAOA;IACT,GACCE,KAAK,CAAC,CAACC;QACN,MAAM,IAAIC,MAAM,CAAC,0BAA0B,EAAED,MAAME,OAAO,EAAE;IAC9D;IACF,OAAON,UAAU;AACnB;AAEA;;;;;;;CAOC,GACD,OAAO,eAAeC,MACpBH,UAA2B,EAC3BN,QAAgB,EAChBO,YAAoB,EACpBN,WAAW,GAAG;IAEd,MAAMc,MAAM,MAAMjB,YAAYQ,WAAWU,QAAQ,IAAI;IACrD,OAAO,IAAInB,QAAQE,QAAQC,UAAUC,WAClCgB,kBAAkB,CAAC;QAAEC,KAAK;QAASC,KAAKZ;IAAa,GACrDa,IAAI,CAACL;AACV;AAEA,MAAMM,aAAa;IACjBhB;IACAI;AACF;AAEA,eAAeY,WAAW","file":"index.js","sourcesContent":["import { JWTPayload, SignJWT, importPKCS8 } from 'jose';\n\nconst payload = (\n issuerId: string,\n duration: number,\n): JWTPayload => ({\n audience: 'appstoreconnect-v1',\n expiresIn: duration,\n issuer: issuerId,\n});\n\n/**\n * Synchronous token generation.\n * @deprecated Use `token` instead.\n * \n * @param privateKey\n * @param issuerId \n * @param privateKeyId \n * @param duration \n * @returns \n */\nexport function tokenSync(\n privateKey: string | Buffer,\n issuerId: string,\n privateKeyId: string,\n duration = 500,\n): string {\n let result: string | undefined;\n token(privateKey, issuerId, privateKeyId, duration)\n .then((token) => {\n result = token;\n return token;\n })\n .catch((error) => {\n throw new Error(`Failed to generate token: ${error.message}`);\n });\n return result ?? 
'';\n};\n\n/**\n * Asynchronous token generation.\n * @param privateKey \n * @param issuerId \n * @param privateKeyId \n * @param duration \n * @returns \n */\nexport async function token(\n privateKey: string | Buffer,\n issuerId: string,\n privateKeyId: string,\n duration = 500,\n): Promise {\n const key = await importPKCS8(privateKey.toString(), 'ES256');\n return new SignJWT(payload(issuerId, duration))\n .setProtectedHeader({ alg: 'ES256', kid: privateKeyId })\n .sign(key);\n};\n\nconst jwtGenCore = {\n tokenSync,\n token,\n};\n\nexport default jwtGenCore;\n"]} \ No newline at end of file diff --git a/package/src/index.ts b/package/src/index.ts index faf489951..21ce35d76 100644 --- a/package/src/index.ts +++ b/package/src/index.ts @@ -51,10 +51,23 @@ export async function token( privateKeyId: string, duration = 500, ): Promise { - const key = await importPKCS8(privateKey.toString(), 'ES256'); - return new SignJWT(payload(issuerId, duration)) - .setProtectedHeader({ alg: 'ES256', kid: privateKeyId }) - .sign(key); + try { + const key = await importPKCS8(privateKey.toString(), 'ES256'); + return new SignJWT(payload(issuerId, duration)) + .setProtectedHeader({ alg: 'ES256', kid: privateKeyId }) + .sign(key); + } catch (error) { + if (error instanceof Error) { + // Use predefined error messages to avoid information leakage + if (error.message.includes('PKCS8')) { + throw new Error('JWT token generation failed: Invalid key format'); + } else if (error.message.includes('sign')) { + throw new Error('JWT token generation failed: Signing operation failed'); + } + throw new Error('JWT token generation failed: Internal error'); + } + throw new Error('JWT token generation failed: Unknown error occurred'); + } }; const jwtGenCore = { diff --git a/package/tsconfig-types.json b/package/tsconfig-types.json index 49233f72a..32e8ff622 100644 --- a/package/tsconfig-types.json +++ b/package/tsconfig-types.json 
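Review bot: The new `try` in `token` returns the promise from `.sign(key)` without awaiting it, so a rejection from signing is not caught by the `catch` and still reaches the caller with the library's own message; `return await new SignJWT(...)` is needed for the fixed messages to apply. The branches also depend on library wording via `error.message.includes('PKCS8')` and `includes('sign')`; jose's malformed-key message, as far as I recall, spells it `PKCS#8`, in which case that branch would never match and such failures would be reported as 'Internal error'. Choosing the message from which call failed, as below, removes the dependence on message text. The compiled `package/esm/index.js` hunk carries the same code, and the signature of `token` begins above this hunk.

```typescript
  // … unchanged: token() signature …
  let key: Awaited<ReturnType<typeof importPKCS8>>;
  try {
    key = await importPKCS8(privateKey.toString(), 'ES256');
  } catch {
    throw new Error('JWT token generation failed: Invalid key format');
  }
  try {
    // `return await` so a rejected sign() is handled by this catch
    return await new SignJWT(payload(issuerId, duration))
      .setProtectedHeader({ alg: 'ES256', kid: privateKeyId })
      .sign(key);
  } catch {
    throw new Error('JWT token generation failed: Signing operation failed');
  }
```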
@@ -9,8 +9,8 @@
 "outDir": "./@types",
 "moduleResolution": "bundler",
 "declaration": true,
- "declarationMap": true,
- "sourceMap": true,
+ "declarationMap": false,
+ "sourceMap": false,
 "strict": true,
 "noImplicitAny": true,
 "esModuleInterop": true,
diff --git a/package/tsconfig.json b/package/tsconfig.json
index 6890147e9..6f0e35e0f 100644
--- a/package/tsconfig.json
+++ b/package/tsconfig.json
@@ -9,8 +9,8 @@
 "moduleResolution": "bundler",
 "declaration": true,
 "declarationDir": "./esm",
- "declarationMap": true,
- "sourceMap": true,
+ "declarationMap": false,
+ "sourceMap": false,
 "strict": true,
 "noImplicitAny": true,
 "esModuleInterop": true,