Please do not open public GitHub issues for security vulnerabilities.

Use GitHub private vulnerability reporting for this repository if it is enabled. If it is not available, contact the maintainer privately before disclosing details publicly.

This repository covers:

• devagent execute and the validated executor path
• artifact and event output correctness
• provider/model handling in the supported DevAgent path

• third-party model quality issues
• local environment misconfiguration
• unsupported executor parity claims outside the validated DevAgent path