| Version | Supported |
|---|---|
| 0.5.x | Yes |
Do NOT open a public GitHub issue for security vulnerabilities.
If you discover a security vulnerability in openagentic, please report it responsibly:
- Email: send a detailed report to hello@agenticwork.io, or message the maintainers via GitHub (@agentic-work).
- Include:
- Description of the vulnerability
- Steps to reproduce
- Affected service(s) and version(s)
- Potential impact assessment
- Suggested fix (if any)
You should receive an acknowledgment within 48 hours and a detailed response within 5 business days.
openagentic follows a defense-in-depth approach:
- Network — WAF, IP allowlisting, rate limiting, TLS 1.2+
- Authentication — HMAC-SHA256 signature verification per source
- Payload validation — JSON schema, size limits, prompt-injection detection
- Authorization & isolation — namespace isolation, message-queue decoupling, RBAC
- Audit & observability — structured logging, anomaly alerts, correlation IDs
- Pre-commit hook (
.githooks/pre-commit) blocks known secret patterns from being committed (AWS access keys, private keys, OAuth tokens, openagentic API keys). - Test fixtures may contain synthetic secrets — those are filtered by the
hook's allowlist (
__tests__/,*test*.spec.*,*.test.*). - Cloud-provider credentials live in
~/.openagentic/cloud-secrets/*.env, outside the repo, mounted into containers at runtime.
- The public repo does not build or push images on PR. The only PR-time
workflow is
oss-integrity.yml, which only reads source. mainis protected: changes land via maintainer-approved PR. There is no path for an outside contributor's PR to execute privileged builds or push images from this repo.
- The published
openagentic-*services and the bundled MCP servers underservices/mcps/oap-*-mcp. - The install path (
install.sh,tools/setup/wizard, the Docker Compose stack at the repo root). - The Helm chart under
helm/openagentic/.
- Hosted edition (agenticwork.io) — report those privately at hello@agenticwork.io.
- Third-party model providers (Anthropic, OpenAI, Vertex AI, etc.) and third-party tools surfaced through MCP — report upstream first.