As XMT is a security tool, integrity and trust in the tooling (ie: XMT itself) is one of the most important things to ensure for people using this software.
Monitoring bugs and potential issues is an ongoing task and we make the best effort to ensure high quality code. However, there is always a possibility of things falling through the cracks.
XMT is a continuously updated software solution, and as such, the best way to ensure protection against vulnerabilities and issues it ensure that you are running the latest version of XMT, mainly from a release version (as they are considered more stable than the git base).
If in the event that you find any vulnerabilities, please report any high severity
vulnerabilities via email to xmt <at> idfla.me and report any lower severity
vulnerabilities using the GitHub issues system with the security issue tag.