Most security risks can come from dependent libraries which has to be updated by Dependabot. If any issues found with the code itself - please feel free to submit pull request.

In case if vulnerability found, please, open an issue with detailed explanation of the vulnerability.