Security

How to report vulnerabilities. We take security seriously. nanostack is a security tool.


Reporting vulnerabilities

Report via GitHub Security Advisories. Do not use public issues.


What's in scope

  - Guard bypass: Circumventing block rules, the six-tier guard pipeline, the Write/Edit hook, the phase gate, or the budget gate
  - Write/Edit hook: Reaching protected paths, credential files, or credential JSON basenames through symlinks or path tricks
  - Phase gate: Committing or pushing without fresh review, security, and qa artifacts on a host that supports enforcement
  - Artifact injection: Malicious data in artifacts that affects downstream skill behavior
  - Setup script: Symlink attacks, path traversal, privilege escalation during install
  - Secrets exposure: Credentials or tokens leaked in skill outputs or artifacts
  - Command injection: Shell injection via bin/ scripts or skill execution

Hard enforcement depends on the host adapter. The source of truth is adapters/<host>.json in the repo. Bash guard, Write/Edit guard, and phase gate are supported by Claude Code; other verified adapters may run the same workflow as guided instructions or reported checks.


What's out of scope

  - AI agent vulns: Issues in Claude, Codex, Gemini or other upstream agents
  - Generated code: Quality issues in code the agent writes (not nanostack's responsibility)
  - Third-party skills: Vulnerabilities in community-created skill extensions

Response timeline

  - Acknowledgment: 48 hours
  - Initial assessment: 7 days
  - Fix / mitigation: 30 days

Disclosure process

  1. You report via GitHub Security Advisory
  2. We confirm and assess severity
  3. We develop and test the fix
  4. We release the patch
  5. We credit the reporter (anonymity available on request)

Only the latest main branch receives full support. Older commits are handled on a best-effort basis.
