Great catch! Emails with spaces around @ (like "test @ example.com") slip through. This is a classic obfuscation bypass.
The current pattern intentionally matches RFC 5321 compliant emails (no spaces). Adding support for spaced variants creates a trade off. wewould catch more bypass attempts but also increase false positives on text like "send @ 5pm".
I'll add this to the roadmap.
Appreciate the feedback ! this is exactly the kind of edge case I need to hear about to make my api more better
The current pattern intentionally matches RFC 5321 compliant emails (no spaces). Adding support for spaced variants creates a trade off. wewould catch more bypass attempts but also increase false positives on text like "send @ 5pm". I'll add this to the roadmap. Appreciate the feedback ! this is exactly the kind of edge case I need to hear about to make my api more better