AppGuardrail is a security tool. Like all security tools, it can be used responsibly or irresponsibly. These guidelines exist to ensure AppGuardrail is used to protect applications and their users — not to harm them.
Only test applications you own or have explicit written authorization to test.
See scope-and-authorization.md for details on what authorization means and how to document it.
Use a dedicated test environment:
- Test against a staging environment, not production.
- Use test database instances with synthetic data — no real user data.
- Create dedicated test accounts (never test with a real customer's account).
Limit blast radius:
- Use test API keys for Stripe, OpenAI, etc. (not live keys).
- Ensure test actions cannot affect real users (use isolated namespaces/tenants).
Keep findings private:
- If you find a vulnerability in your own app, fix it before sharing publicly.
- Share findings only with team members who need to know.
Document what you tested:
- Keep a brief log: what you tested, when, what you found.
- This helps track which issues have been verified and fixed.
- Get written authorization from the client (see scope-and-authorization.md).
- Define scope clearly — what is included and excluded.
- Agree on a communication plan — who gets notified of critical findings and how quickly.
- Set up test accounts — the client should provide dedicated test credentials.
- Use test accounts only. Never log in with a real customer's credentials.
- Do not access or download real user data as part of demonstrating a vulnerability.
- To demonstrate an IDOR, access your own test user's data with another test user — not real data.
- Avoid destructive testing unless explicitly authorized:
- No deleting production data
- No sending emails to real users
- No triggering real payment charges
- Stop and escalate if you find evidence of:
- An existing breach or compromise
- Data that suggests real user PII has been exposed
- Credentials that appear to belong to third parties
- Delete any test data you created in client systems.
- Deliver findings securely — encrypted email, shared secure folder, or a private report link.
- Allow time for remediation before any public disclosure.
- Do not retain copies of client code, credentials, or findings beyond the agreed retention period.
- Rules must detect code patterns that are dangerous — they must not contain working exploit code.
- Test rules against the
examples/vulnerable-vibe-app/sample before submitting. - Document why the pattern is dangerous and what the correct pattern looks like.
- Minimize false positives: a rule that fires on safe code causes alert fatigue.
examples/vulnerable-vibe-app/is intentionally insecure for educational purposes.- Never deploy the vulnerable example app to a public URL.
- The vulnerable app must use fake data only — no connection to real services.
- The vulnerable app must clearly display a warning that it is intentionally vulnerable.
- Prompts and checklists should guide developers toward secure practices.
- Do not include prompts that could help an attacker exploit applications.
- Prompts should be defensive (fix this) not offensive (find this to exploit).
If you find a security vulnerability in the AppGuardrail tools or scanner:
- Do not disclose it publicly until a fix is available.
- Report it via a GitHub Security Advisory (private) or email the maintainer.
- Allow reasonable time for a fix before public disclosure.
AppGuardrail tools are provided for legitimate security testing and educational purposes only. The maintainers are not responsible for misuse. By using AppGuardrail, you agree to use it only on applications you own or have explicit written authorization to test.