
Security: Grizaceo/labhub


SECURITY.md

Security policy

Supported versions

The project is pre-1.0. Only the latest version receives security fixes.

Reporting a vulnerability

Please do not open a public GitHub issue for security problems.

Open a private security advisory on GitHub (Security → Advisories → New advisory), or email the maintainers with:

  1. Description of the issue and its impact.
  2. Steps to reproduce.
  3. Affected version / commit.
  4. Any suggested mitigation.

We will acknowledge receipt within 5 business days and aim to provide a remediation plan within 30 days. Coordinated disclosure window: 90 days from acknowledgement.

Threat model

LabHub is a local-only ops bridge:

  • The bridge listens on 127.0.0.1 by default. It is not designed for internet exposure.
  • No authentication — anyone who can reach the bridge port can read lab data and send chat messages. Bind to loopback and protect the port at the OS level.
  • The gateway script (LABHUB_GATEWAY_SCRIPT) is exec'd with the requesting user's privileges. Only configure scripts you control.
  • Lab repo_path / workdir come from the server-side labhub.yaml, not from the frontend. The frontend cannot influence which paths are used.
  • allowed_actions in the registry is policy for the gateway agent, not an enforced sandbox.
  • Chat history is in-memory only; restarting the bridge clears all sessions.

Out of scope

  • DoS via large requests (no rate limiting by design — local tool).
  • Vulnerabilities in your own gateway or lab plugin code.
