Bandit is a tool designed to find security issues, so every effort is made that Bandit itself is also free of those issues. However, if you believe you have found a security vulnerability in this repository please open it privately via the Report a security vulnerability link in the Issues tab.

Please do not report security vulnerabilities through public issues, discussions, or pull requests.

Please also inform the Tidelift security. Tidelift will help coordinate the fix and disclosure.