The Loop Engineering ecosystem takes security seriously. If you discover a security vulnerability in any of the 11 loop projects, please do not open a public issue.
- Send an email to: novelnexusai@outlook.com
- Include the following in your report:
  - Affected project(s) (e.g., loop-aider, loop-ollama, etc.)
  - Version number(s)
  - Detailed description of the vulnerability
  - Steps to reproduce (proof-of-concept code if possible)
  - Potential impact assessment
- We will acknowledge your report within 48 hours
- We will provide a timeline for resolution within 5 business days
- English preferred, Chinese (中文) also accepted.
| Version | Supported | Status |
|---|---|---|
| 0.1.x | ✅ Yes | Active development |
All 11 engines are maintained under the same versioning scheme. Security patches will be backported across the entire ecosystem.
Each sub-project in the Loop Engineering ecosystem implements independent safety gates as part of its state machine architecture:
| Project | Safety Mechanism |
|---|---|
| loop-aider | 10-point PhaseGuard with atomic write protocol |
| loop-superpowers | Phase Contract DSL enforcement |
| loop-ollama | 3-tier fault tolerance (retry → degrade → halt) |
| loop-hermes | 6 gates (G1-G6) with provider fallback |
| loop-antigravity | Circuit breaker pattern with billing cap |
| loop-codex | CDPGuard L0/L1/L2 three-level security |
| loop-copilot | Watchdog process + session hooks |
| loop-cursor | 22-step engine with per-step validation |
| loop-opencode | 8 safety gates with 3-layer architecture |
| loop-openclaw | Dual-engine rendering with template sandboxing |
| loop-deepseek | ReAct loop with reasoning validation |
| loop-claudecode | G1/G2/G3 OS-level filesystem gates |
- Default-FAIL Contract: All engines default to refusing unsafe operations unless explicitly permitted
- Filesystem Sandboxing: G1 (read-only), G2 (write within project), G3 (full access) graduated permissions
- Atomic Writes: No partial file writes; transactions succeed completely or roll back
- Convergence Guard: Engines auto-terminate rather than running indefinitely
- No Privilege Escalation: Engines operate with the invoking user's permissions only
- Private disclosure: Initial report handled confidentially via email
- Fix development: Patches developed in private branches
- Coordinated release: Security advisories published simultaneously with fixes
- Credit: Reporters will be acknowledged in release notes (unless anonymity is requested)
- CVE: We will request CVE IDs for qualifying vulnerabilities
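If you discover a security vulnerability in any project in the Loop Engineering ecosystem, please do not open a public issue.
Reporting process:
- Send an email to novelnexusai@outlook.com
- The email must include: affected project(s), version number(s), detailed description of the vulnerability, steps to reproduce, impact assessment
- We will acknowledge receipt within 48 hours
- We will provide a resolution timeline within 5 business days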
| Version | Supported | Status |
|---|---|---|
| 0.1.x | ✅ Yes | Active development |
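Each sub-project implements independent safety gates within its state machine architecture. The core security principles include:
- Default-FAIL Contract: unsafe operations are refused by default
- Filesystem Sandboxing: G1/G2/G3 graduated permissions
- Atomic Writes: transactional file operations
- Convergence Guard: automatic termination to prevent running indefinitely
- No Privilege Escalation: engines run with the invoking user's permissions only
- Private report → fix development → coordinated release → credit to the reporter → CVE request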