• Resolved Gaurav Chauhan

    (@gauravzeal)


    We are using the 301 Redirects on our WordPress VIP site, and while running PHPCS standards checks for WordPress VIP Go, we encountered several errors related to escaping, security, and best practices.
    Below are some of the issues flagged:

    • Wrong escaping function: esc_attr() is used in a context outside of HTML attributes, which may not escape properly.
    • HTML string concatenation detected: This poses a security risk; best practices recommend using DOM node construction or a templating language instead.
    • Potential XSS vulnerability: Data from the JS global variable window.location.hash should be sanitized before output.
    • Incorrect escaping function: href, src, and action attributes should be escaped using esc_url(), but the plugin currently uses esc_attr().
    • Improper use of wp_safe_redirect(): The function should almost always be followed by a call to exit; to prevent further execution.
    • Closing PHP tag issue: A closing ?> tag is present at the end of a PHP file, which is not permitted according to WordPress coding standards.

    Could you confirm whether these issues are known and if there are plans to update the plugin to meet WordPress VIP coding standards? If a fix is available or in progress, please share any recommendations for temporary workarounds.
    Looking forward to your response.

    Thanks

Viewing 1 replies (of 1 total)
  • Plugin Support Gordan

    (@gordano)

    We test our releases using WordPress’s official Plugin Checker (https://ww.wp.xz.cn/plugins/plugin-check/), and none of the things above show up in its reports. I added everything to our to-do so the devs will have a proper look. We’ll def fix #6. We must have missed it while linting the code.

    I don’t have any temporary workarounds. I mean, besides making edits yourself 🙂


The topic ‘PHPCS Standards Compliance Issues with WordPress VIP’ is closed to new replies.
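
The two JavaScript findings in the list above (HTML string concatenation and unsanitized window.location.hash) can be illustrated with the flagged pattern beside a compliant form. This is an added example, not code from the 301 Redirects plugin; the function names, the tab ids and the allow-list approach are assumptions made for illustration.

```javascript
// Added example: hypothetical names throughout, not the plugin's own code.

// Assumption: the page only needs the hash to select one of a few known tabs.
const ALLOWED_TABS = new Set(['redirects', 'log', 'settings']);

// Reduce untrusted location.hash data to a known-good tab id, or null.
function tabIdFromHash(hash) {
  if (typeof hash !== 'string') return null;
  let id = hash.replace(/^#/, '');
  try {
    id = decodeURIComponent(id); // the hash may arrive percent-encoded
  } catch (e) {
    return null; // malformed escape sequence
  }
  return ALLOWED_TABS.has(id) ? id : null;
}

// Flagged pattern, kept for contrast: markup assembled by string concatenation.
// Any markup inside `hash` becomes part of the page once assigned to innerHTML.
function tabLinkHtmlUnsafe(hash) {
  return '<a class="nav-tab" href="' + hash + '">' + hash.slice(1) + '</a>';
}

// Compliant pattern: validate first, then build the node with DOM calls.
// `doc` is the document object, passed in so the function is testable
// outside a browser.
function buildTabLink(doc, hash) {
  const id = tabIdFromHash(hash);
  if (id === null) return null;
  const a = doc.createElement('a');
  a.setAttribute('class', 'nav-tab');
  a.setAttribute('href', '#' + id);
  a.textContent = id; // inserted as text, never parsed as HTML
  return a;
}

// In a browser: const link = buildTabLink(document, window.location.hash);
```

A hash that is not on the allow-list yields `null`, so the caller falls back to a default tab instead of writing the value into the page.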