As this project is under active development, we currently support the latest release.

We take the security of this MCP server seriously, especially given its access to local Visual Studio processes and COM automation interfaces.

If you discover a security vulnerability, please DO NOT open a public issue. Publicly disclosing vulnerabilities can put users at risk before a patch is available.

Instead, please report it via the following method:

Email: Send details to alon@miniforge.studio
Private Advisory: use the Private Advisory feature to submit a report directly to the us.

• Description of the vulnerability (e.g., improper COM object handling, unauthenticated command execution).
• Steps to reproduce the issue.
• Any relevant trace logs or call stacks.

We aim to acknowledge reports within 48 hours and will provide a timeline for a fix.