BooKoo takes product, firmware, application, and infrastructure security seriously.

Please do not disclose security vulnerabilities, credentials, logs, firmware internals, private source code, or exploit details in public GitHub issues, pull requests, discussions, comments, or forks.

If you believe you have found a vulnerability or accidental exposure involving BooKoo products, services, repositories, or credentials, please contact us privately:

• Email: support@bookoocoffee.com
• Alternative contact: develop@bookoocoffee.com

Please include a concise description, affected product or repository if known, reproduction steps, and any relevant evidence. Do not include active secrets unless explicitly requested through a private channel.

Private repositories, unreleased firmware, production scripts, manufacturing data, calibration data, credentials, certificates, customer data, and internal communication protocols are confidential unless BooKoo has explicitly published them in an approved public repository.

Public repositories under the BooKooCode organization are intended only for approved open-source materials, public documentation, examples, or third-party forks. If you notice confidential content in a public repository, report it privately immediately.