Yaru is a Python client application that executes the user's own arbitrary code in a Python interpreter and/or shell with the purpose of management and execution of local development scripts. As such, it should never be part of a project's production dependencies.

If you have found a possible vulnerability that is not excluded by the above scope, please email codearm at pm dot me.

While we sincerely appreciate and encourage reports of suspected security problems, please note that we do not currently run any bug bounty programs.

Critical vulnerabilities will be disclosed via GitHub's security advisory system.