Please report security issues privately instead of opening a public issue.

Email: mark@builderproapps.com

Useful reports include:

• Crashes or data corruption caused by malformed notebooks, PDFs, images, or imported files.
• File-handling bugs that expose notes or imported documents outside the app's intended storage.
• Native bridge issues in PDF import/export, image handling, or Mobile Ink integration.
• Dependency or build configuration issues that could compromise users or downstream contributors.

OpenNotes is local-first and does not run a hosted notes service. The most important security and privacy surfaces are local file storage, import/export flows, native parsing/rendering, and accidental inclusion of private data in issues or pull requests.