Skip to content

Security: JorisJonkers-dev/agent-kit

Security

SECURITY.md

Security Policy

Reporting A Vulnerability

Do not report vulnerabilities in public issues, pull requests, discussions, or commit comments.

Report suspected vulnerabilities privately to:

  • security@jorisjonkers.dev

Include:

  • affected repository and commit, tag, or version
  • concise impact description
  • reproduction steps or proof of concept
  • relevant logs with secrets and private data removed

Handling

Security reports are reviewed privately. Public disclosure, issue creation, and fix details are coordinated by Joris Jonkers after the risk is understood and a remediation path exists.

Supported Code

Only the current default branch and actively released packages or images are in scope. Archived repositories, old branches, and historical tags are not supported unless Joris Jonkers explicitly says otherwise.

Source Availability

Public visibility does not grant permission to use, copy, modify, deploy, redistribute, or derive from this code. Repository licensing is governed by the root LICENSE file.

There aren't any published security advisories