MVP contact status
No production support address has been configured in this repository. The deployer must publish monitored support, privacy, billing, legal, and security contacts before inviting external users.
What to include
Share the workspace name, affected run or invoice identifier, time, expected behaviour, and a redacted description. Never send passwords, session tokens, API keys, full payment details, or unnecessary client data.
Security reports
Security reports should use a private monitored channel with acknowledgement and escalation targets. Do not place active exploit instructions or customer information in public issue trackers.
Repository evaluation
For local evaluation, use the setup and security documentation in the repository. OperatorHQ's upstream attribution and independent-project statement are available in the third-party notices.