Security: xb3sox/omnid

.github/SECURITY.md

Security Policy

Supported Versions

Version Supported
0.1.x

Reporting a Vulnerability

Please do not report security vulnerabilities through public GitHub issues.

Instead, report them via GitHub Security Advisories.

You can expect:

  • An initial response within 72 hours
  • A fix or mitigation plan for confirmed issues
  • Credit in the release notes if you would like it

Scope

Security issues in omnid itself (credential handling, proxy routing, sync engine, daemon) are in scope. Issues in third-party MCP servers configured by users are generally out of scope unless omnid introduces the vulnerability.

AI-specific risks

omnid operates at the intersection of local AI agent configs and MCP backends. Pay attention to:

  • Credentials in matrix.yaml — must use keyring references (${credential}), never plaintext secrets in synced config files
  • Proxy credential injection — src/mcp/backend.rs and src/mcp/router.rs inject secrets into MCP backend env/headers; flaws could leak credentials to untrusted backends
  • Sync to local agent configs — the sync engine writes MCP stubs, rules, skills, and optional hooks into Cursor, Claude Code, and other agent directories; bugs could corrupt or overwrite user agent settings
  • AI-assisted PRs — contributors using coding agents must not commit real credentials, production matrix.yaml snippets, or keyring values in the repo

Report suspected credential leaks or unsafe sync behavior via the advisory link above.
