Although this is a public template with the minimum configuration needed to get a nodejs project started, security is still a concern. Dependencies on this repo are kept up to date via Dependabot, and CodeQL performs regular code scans to make sure everything is safe. With all of that said, new security treats are discovered every day. So if you think you have found a security-related problem with this repo, please reach to Kaio on LinkedIn: https://www.linkedin.com/in/kaio-silveira/.