Since there is no release yet, security issues can be reported here.

No trivial vulnerabilities. Since the user can start the tool as root/admin, "trivial" RCE or similar are not accepted. If downloads from HTB leads to RCE, this will be accepted.

For reporting, please create an issue. It's open-source, no secretiveness.