I’ve identified a security vulnerability related to the exposure of the internal representation in the “Rule.java” class.

chess.Rules.getNextMove(String, int[], Board) may expose an internal static state by storing a mutable object into a static field chess.Rules.pos