Inflect is a speech-generation research project. Security issues may involve code execution, model artifacts, data handling, or misuse of voice-cloning workflows.

If you find a security issue, do not open a public issue with exploit details.

Send a private report to the repository owner through GitHub, or open a minimal private advisory if available.

Include:

• affected files or workflow
• reproduction steps
• impact
• suggested fix if known

Do not submit:

• private voice recordings
• credentials
• Hugging Face tokens
• API keys
• copyrighted datasets without clear rights
• model checkpoints containing private training data

This repo is currently a research preview. There is no production support guarantee yet, but credible vulnerability reports will be treated seriously.

Inflect is intended for consent-based voice work, local creative tooling, accessibility, research, and product prototyping.

Do not use it for impersonation, fraud, harassment, or non-consensual voice cloning.