{"body":"Fixed in a0f5b69. `ensureDir0700` now always `chmodSync(dir, 0o700)` after `mkdirSync` (so a pre-existing dir with looser bits is tightened, not just freshly-created ones), then `statSync` and fails closed if any group/world bit is set `(mode & 0o077) !== 0` or if the dir is owned by another uid. Approval tokens are never held in a non-private directory."}