Hi, GrowthBook Team, We’ve identified an issue in the growthbook-proxy project: the /api/eval/ endpoint includes internal targeting logic via tracks[].result.experiment.condition. This allows downstream clients to infer segmentation criteria, which seems to undermine the Remote Evaluation promise to “hide your features’ business logic in insecure environments.” We’ve opened an issue with full context and a proposal to add an optional sanitization step: https://github.com/growthbook/growthbook-proxy/issues/95

Thanks for the catch! Proposed fix here if you'd like to follow along: https://github.com/growthbook/growthbook-proxy/pull/96