None of the authors are security experts. We relied on accepted tools and practices, and tried hard to make this tool solid and well-tested, but nobody's perfect. Please look over the code carefully before using it (and note the legal disclaimer in the README).
To report a security vulnerability, please file an issue in this repo without including the details, and we'll be happy to coordinate a secure means of disclosure as well as a timely resolution.