If you discover a security vulnerability in Nanostack, please report it through GitHub Security Advisories.
Do not open a public issue.
- Guard rule bypass (command that should be blocked passes through)
- Artifact injection (malicious data in .nanostack/ artifacts that affects downstream skills)
- Setup script vulnerabilities (symlink attacks, path traversal)
- Secrets exposure in skill output or artifacts
- Command injection through bin/ scripts
- Vulnerabilities in the AI agent itself (Claude Code, Codex, etc.)
- Issues in code that nanostack reviews or generates (that's what /security is for)
- Third-party skill sets built on top of nanostack
| Stage | Timeline |
|---|---|
| Acknowledgment | 48 hours |
| Initial assessment | 7 days |
| Fix or mitigation | 30 days |
| Version | Supported |
|---|---|
| Latest on main | Yes |
| Older commits | Best effort |
We follow coordinated disclosure. We will:
- Confirm the vulnerability
- Develop a fix
- Release a patch
- Credit the reporter (unless anonymity is requested)