This is a personal learning project. Only the latest commit on main is considered in scope for security fixes.
| Version | Supported |
|---|---|
| main | ✅ |
| others | ❌ |
If you discover a security vulnerability in this project:
- Do NOT open a public Issue.
- Email the project maintainer directly with details.
- Allow up to 7 days for initial response.
.envfile exposure- API Key / Token leakage in commits, logs, or documentation
- Hardcoded credentials in Unity scripts or CI workflows
- Insecure dependency versions in
Packages/manifest.json
- Unity Editor security vulnerabilities (report to Unity Technologies)
- Third-party package vulnerabilities (report to package maintainers)
- Phishing or social engineering attacks