We are aware that running mods with the BrowserClient interface can be unsafe because of how NodeJS and V8 handle non-sanitized mod code within an emulated environment.

It is essential to only execute mod code from trusted sources or thoroughly verify the code's safety before passing it to a BrowserClient instance.

Please do not report security vulnerabilities through public GitHub issues.

If you identify any issues that could be resolved through improved code logic or dependencies (excluding the VM library), please submit a report detailing the problem and your proposed solutions using any of the contact methods listed below:

• Repository Security Advisories Form
• Email: [email protected]
• Discord @bhpsngum
• Google Form

When submitting a report, make sure to include these information:

• Detailed description of the issue
• Steps to reproduce (if any)
• Proposed solution to the said issue
• Attachments of your Proof of Concept (PoC) (optional)

We prefer all communications to be in English.