If you discover a security vulnerability in Agentic OS, please do not open a public issue.
Instead, report it privately:
- Private advisory: Use GitHub's private vulnerability reporting flow (Settings > Security > Advisories > New draft advisory).
- Include: Description of the vulnerability, steps to reproduce, affected files/workflows, and potential impact
- Acknowledgment: Within 48 hours
- Assessment: Within 7 days
- Fix: Depending on severity, typically within 14 days
Security issues in Agentic OS may include:
- Guardrail bypasses: AI agents circumventing safety gates or destructive command blocks
- Deploy script vulnerabilities: Command injection, path traversal, or privilege escalation in deploy.sh/deploy_brain.*
- SSoT integrity: Unauthorized writes to current_state.md bypassing guard_context_write.py
- Information leakage: Framework exposing sensitive project data through Work Logs or handoff artifacts
Out of scope (not treated as framework vulnerabilities):
- AI model hallucinations or incorrect outputs (these are model-level issues, not framework bugs)
- Vulnerabilities in downstream projects using Agentic OS
- Social engineering attacks against human contributors
| Version | Supported |
|---|---|
| 1.8.x | Yes |
| 1.7.x | Yes |
| < 1.7 | No |