Report security concerns privately to the Roop team through the contact route listed on the Roop website.

Do not open public issues with secrets, exploit details, private endpoint guesses, or operational data.

• Do not commit API keys or bearer tokens.
• Use ROOP_PUBLIC_MCP_API_KEY or your agent client's secure secret mechanism for authenticated access.
• Do not try to bypass anonymous limits, paid limits, robots guidance, or MCP boundaries.
• Do not probe private Roop infrastructure or undocumented endpoints.
• Do not include private user data in prompts or public issue reports.

This repository documents public MCP usage only:

• public judgments
• public statutes
• public corpus status
• public discovery documents

It does not document or expose private Roop platform internals.