frank/msitarzewski--agency-agents
1
0
Fork 0
mirror of https://github.com/msitarzewski/agency-agents/ synced 2026-06-09 10:13:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
8237f99b850db8d5195815f80893554034fe983d
msitarzewski--agency-agents/SECURITY.md
T
Akhilesh Arora 083ce47e13 fix: remove stray EOFcat heredoc artifact from SECURITY.md (#531) 
Removes the stray `EOFcat SECURITY.md` line accidentally left at the end of SECURITY.md.

Closes #530. Thanks to @akhilesharora.
2026-06-02 18:06:50 -05:00

1.0 KiB
Raw Blame History

Security Policy

Reporting a Vulnerability

If you discover a security vulnerability in this project, please report it responsibly. Do NOT open a public GitHub issue for security vulnerabilities. Open a private security advisory via GitHub Security tab.

Response Timeline

  • Acknowledgment: within 48 hours
  • Initial assessment: within 7 days
  • Fix or mitigation: depends on severity

Scope

This repository contains Markdown-based agent definitions and shell scripts for installation and conversion.

Agent files (.md)

  • Non-executable prompt definitions
  • No API keys, secrets, or credentials should be stored in agent files

Shell scripts (scripts/)

  • install.sh, convert.sh, and lint-agents.sh are executable
  • Contributors should review scripts for unintended behavior before running

Best Practices for Contributors

  • Never commit API keys, tokens, or credentials
  • Never add executable code inside agent Markdown files
  • Shell scripts must be reviewed before merging
  • Report suspicious agent definitions that attempt prompt injection
Reference in New Issue View Git Blame Copy Permalink