No Notes uses local environment variables for API keys. Do not commit .env,
config/tts.local.yaml, generated sessions, or gallery files containing private
content unless you intend to publish them.
If you discover a security issue, please open a private report through GitHub's security advisory feature if available, or contact the maintainer privately.