TL;DR
If you believe you have found a security vulnerability in AgentGuardian itself, please report it privately. Do not file a public GitHub issue.
- Preferred channel: GitHub Security Advisories (private vulnerability report). Open a draft advisory.
- Email fallback: security@glacien.ai (use this only if you cannot use GitHub).
- Embargo: 90-day coordinated-disclosure embargo from first contact.
The full policy is SECURITY.md at the repo root; this page summarises it for the docs site.
Scope
In scope:
- Bugs in the agent-guardian Python package on PyPI.
- Bugs in the source under src/agent_guardian/.
- Vulnerabilities in the official Docker image.
- Vulnerabilities in the bundled examples that go beyond their documented “deliberately vulnerable” surface.
- Supply-chain issues with the release pipeline (Sigstore signatures, GitHub release artifacts).
Out of scope:
- Vulnerabilities in a target agent you scan with AgentGuardian — that’s what the tool is for. Report those to the owner of the target.
- Vulnerabilities in third-party LLM providers (OpenAI, Anthropic, Google, Mistral). Use the provider’s own reporting channel.
- “Vulnerable demo” issues in examples/ — those agents are intentionally vulnerable to exercise the scanner.
- Issues in the marketing / docs site infrastructure (separate repository).
- Issues that require physical access to the developer’s machine.
What to include in a report
- A short description of the vulnerability and its impact.
- The affected version(s) — output of agent-guardian --version.
- A minimal proof-of-concept or reproduction steps.
- Your name and (optionally) a handle you would like credited in the published advisory.
Our commitment
When you report a vulnerability:
- We acknowledge receipt within 3 business days.
- We provide an initial assessment (severity + impact) within 10 business days.
- We follow a 90-day coordinated-disclosure embargo from first contact. We will not publicly disclose details until the embargo expires or a fix is shipped, whichever comes first.
- We credit reporters in the public advisory unless asked otherwise.
- We do not require a CLA, NDA, or any other side agreement. The DCO on the public repo is sufficient for the fix PR.
Disclosure history
Every handled disclosure (post-embargo) is recorded in docs/security/disclosure-history.md in the repo, with date, severity, and credited reporter.
Why we prefer GHSA over email
GitHub Security Advisories give us:
- End-to-end encryption between reporter and maintainers at rest.
- A private fork to develop the fix in, with the original advisory attached.
- Built-in CVE assignment when the embargo lifts.
- A clean publication path that automatically notifies dependents via Dependabot.
The security@glacien.ai channel is kept as a fallback only — please use GHSA when you can.
Supply-chain integrity
Every release artifact is signed via Sigstore keyless OIDC through the release workflow. To verify a release, see .github/workflows/release.yml.
We deliberately do not use long-lived PGP keys — keyless OIDC is the canonical signing path.
Code of Conduct
Security reports are subject to our Code of Conduct. Threats, harassment, or extortion attached to a security report are treated as a Code of Conduct violation, not a vulnerability submission.
Next step
Support
Non-security questions: Discussions for asking, Issues for filing bugs.
Contributing
The DCO sign-off requirement applies to security-fix PRs too.