orbisai0security
The intention behind this change is to enhance the safety of how user messages are logged. Previously, there might have been scenarios where unsafe logging methods (e.g., `os.system`) were used,...
Thank you for the detailed explanation and clarification regarding the architecture of the MCP client and its role in the system. Based on the information you’ve provided: I understand now...
weights_only=True reduces code-execution risk versus full torch.load but isn't foolproof (loader/version bugs or resource-exhaustion vectors remain); prefer safetensors + JSON for tensors/metadata and keep torch.load(weights_only=True) only as a trusted legacy...
You're right, the seed SQL only runs when the server is started in demo mode and only for SQLite (see store/migrator.go). In production (no --mode demo), the demo credentials won't...