Security

SECURITY.md

Security Policy

Reporting a vulnerability

If you discover a security issue in Agentwall, please report it privately.

Preferred: open a private security advisory on GitHub
Alternative: email security@agentwall.dev

Please include:

affected version/commit
reproduction steps
impact assessment
any suggested mitigation

Response targets

Initial acknowledgement: within 72 hours
Triage decision: within 7 days
Fix or mitigation timeline: shared after triage based on severity

Disclosure policy

Please do not publicly disclose vulnerabilities until a fix or mitigation has been released.

Scope

This policy covers the OSS Agentwall repository. Third-party dependencies and private/commercial extensions are handled separately.

There aren’t any published security advisories