These are important advisories about known security issues:

How to report a security issue

If you think you have discovered a new security issue with any StrongLoop package, please do not report it on GitHub.  Instead, send an email to [email protected] with a full description and steps to reproduce.