Skip to content

Security: askalf/agent-security-stack

SECURITY.md

Security Policy

agent-security-stack composes redstamp, truecopy, and strongroom into one layered defense exposed as a single MCP server. A vulnerability here means a composition or configuration flaw that weakens the layers — e.g. the combined MCP server dropping a verdict, mis-wiring a tool's gate, or leaking between layers.

Reporting a vulnerability

Please do not open a public issue for security reports.

You'll get an acknowledgement within 72 hours. Please include a minimal reproduction where possible.

Scope

  • This repo: the composition — the combined MCP server, suite wiring, audit trail plumbing, demo/config defaults that would weaken the stack.
  • The individual tools: report vulnerabilities in the layers themselves to their own repos — redstamp (runtime firewall), truecopy (supply-chain gate), strongroom (secrets). Each has its own threat model.

Supported versions

Pre-1.0: only the latest release receives security fixes; there are no maintenance branches.

There aren't any published security advisories