Please do not report security vulnerabilities through public GitHub issues.

Instead, please email us at skymapdevs@gmail.com with:

• A description of the vulnerability
• Steps to reproduce or a proof of concept
• The potential impact

We will acknowledge your email and work with you to understand and address the issue. Please allow a reasonable amount of time for us to respond — as a volunteer-maintained project, it might take a few days.

Security concerns for Sky Map include:

• Privacy and sensor data — Sky Map accesses device sensors (accelerometer, magnetometer, gyroscope) and location. Any vulnerability that could lead to unintended data exposure is in scope.
• Dependency vulnerabilities — Issues in third-party libraries used by the app.
• APK integrity — Concerns about the integrity of distributed builds.

• Vulnerabilities in the Android OS itself
• Issues requiring physical access to an unlocked device
• Social engineering attacks