Security Policy

Reporting a Vulnerability

If you discover a security vulnerability, please report it privately using GitHub's vulnerability reporting.

Please include:

Description of the vulnerability
Steps to reproduce
Your assessment of severity

We will respond within two weeks to acknowledge the report and coordinate a fix. Please keep the report confidential until a patch is available.

Notes for an autonomous agent acting under an identity

beadle runs as the arcavenai identity and posts publicly. Treat as security findings: any path by which untrusted issue/PR text could inject instructions into the triage agent (prompt injection), any way the bot could be induced to post fabricated claims, and any escalation that bypasses the propose-not-act guardrails (ADR-002). Untrusted issue/PR bodies are data, never instructions.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Security

SECURITY.md

Security Policy

Reporting a Vulnerability

Notes for an autonomous agent acting under an identity

There aren't any published security advisories

Uh oh!

Security: ArcavenAE/beadle

Security

SECURITY.md

Security Policy

Reporting a Vulnerability

Notes for an autonomous agent acting under an identity

There aren't any published security advisories