Skip to content

Security: agents-repo/webapp

SECURITY.md

Security Policy

We take the security of the agents-repo ecosystem seriously.

Reporting a vulnerability

Do not report security vulnerabilities in public GitHub issues, discussions, or pull requests.

Report vulnerabilities privately using GitHub Private Vulnerability Reporting on the affected repository:

Repository Report URL
registry https://github.com/agents-repo/registry/security/advisories/new
webapp https://github.com/agents-repo/webapp/security/advisories/new
registry-proxy https://github.com/agents-repo/registry-proxy/security/advisories/new
.github https://github.com/agents-repo/.github/security/advisories/new

What to include

Please include as much of the following as you can:

  • Affected repository and file paths
  • Steps to reproduce the issue
  • Impact assessment
  • Proof of concept, if available

Response expectations

Maintainers aim to acknowledge reports within 5 business days. We will coordinate with you on validation, remediation, and disclosure timing before any public announcement.

Supported versions

Security fixes generally target the latest release on the default branch of the affected repository unless that repository documents a different support policy.

There aren't any published security advisories