We run the flake8-bandit security scanner via pre-commit, and require it to pass, to ensure known security vulnerabilities don't make it into our code base.

If you discover a security vulnerability in staged-script, please head on over to the Security Advisories page and draft a new advisory. We thank you in advance for helping to improve the security of this package.