webnetstack is designed to broker limited networking capability from a browser context to the local OS networking stack, while avoiding raw hardware or kernel exposure.

Out of scope by design:

• NIC enumeration
• MAC addresses and hardware identifiers
• Kernel stats and routing state
• Raw packets or privileged socket operations

If you find a vulnerability that weakens origin checks, token checks, destination policy enforcement, subprotocol validation, payload bounds, or session limits, treat it as security-sensitive.