Do not open a public issue for security vulnerabilities.
Report privately through a GitHub security advisory:
Please include:
- A description of the issue and its impact.
- Steps to reproduce or a proof of concept.
- The Rush version, and your OS (macOS / Linux / Windows) and version.
We'll acknowledge your report, keep you updated on the fix, and credit you in the advisory unless you prefer otherwise.
This concerns the Rush app (macOS, Linux, Windows) and the rush CLI agent runtime distributed via
getrush.ai. For account or billing issues that aren't vulnerabilities, use
Rush → Send Feedback in the app.