Skip to content

Security: Egoist-Machines/etchplan

Security

SECURITY.md

Security Policy

Reporting a vulnerability

Please report security issues privately. Do not open a public issue.

  • Preferred: GitHub private vulnerability reporting (repository → Security → "Report a vulnerability").
  • Or email security@egoistmachines.com.

We aim to acknowledge reports within 3 business days and to share a remediation timeline after triage. Please include reproduction steps and affected versions.

Supported versions

etchplan is pre-1.0; only the latest released version receives security fixes.

Data handling & the safety model

etchplan is local-first and guarded by default:

  • No upload by default. Agent-hook trace capture writes to a local file (~/.etchplan/hook_events.jsonl). Nothing leaves your machine unless you explicitly export or share it.
  • Sensitive capture. Raw hook traces can contain commands, file contents, and tool output. Treat ~/.etchplan/ as sensitive. The redact/export path applies secret/PII redaction and slotting before any trace or plan is shared.
  • Compiled artifacts are guarded. Code routines distilled from traces are statically checked by an AST allowlist (packages/etchplan-validator/etchplan_validator/code_safety.py): only environment APIs and safe builtins are allowed; exec/eval/open/dynamic-attribute escapes/OS/network are rejected. A routine that fails validation is never executed; the original agent runs instead.
  • Mutations are gated. Live mutating actions require an idempotency key and pass through a mutation gate; every action is written to an append-only audit log; a drift kill-switch disables a plan whose measured fallback rate breaches its policy.

Please report any bypass of these guarantees as a security issue.

© 2026 Egoist Machines, Inc.

There aren't any published security advisories