I would say keep it closed, it's your work, and you are doing us a favor by simply letting us use it. And if you are in fact using a security loop-hole then MS is sure to plug it as soon as they know what it is. So I vote for keeping it closed or sharing only with people that you feel can contribute to the project on a case by case basis.