CSO Audit Finding #3 — 2026-04-05
Severity: HIGH | Confidence: 8/10 | Status: VERIFIED
Category: Secrets Management (A02 — Cryptographic Failures)
Phase: P5 — Infrastructure Shadow Surface
Description
The AES-256-GCM encryption key used for all .credentials.enc files is passed as a plaintext environment variable (CREDENTIAL_ENCRYPTION_KEY) in docker-compose.yml. This key encrypts/decrypts credentials for ALL agents on the platform.
Issues:
- Visible in
docker inspect output
- Visible in process listings (
/proc/*/environ)
- No key rotation mechanism exists
- Single key for all agents — if compromised, all encrypted credentials are exposed
Exploit Scenario
Attacker with read access to any backend container process listing (e.g., via container escape or compromised monitoring agent) extracts CREDENTIAL_ENCRYPTION_KEY → decrypts all agent .credentials.enc backup files.
Remediation
Short-term:
- Document key rotation procedure (generate new key, re-encrypt all .credentials.enc files)
- Restrict container process environment visibility
Medium-term:
- Migrate to Docker secrets (Swarm mode) or external secret manager (HashiCorp Vault, AWS Secrets Manager)
- Consider per-agent encryption keys derived from a master key
Estimated effort: 1-2 days
References
- CSO report:
docs/security-reports/cso-2026-04-05.md
- Prior finding: C-001 in
docs/security-reports/security-analysis-2026-03-09.md (related — API exposure was fixed, but storage concern remains)
CSO Audit Finding #3 — 2026-04-05
Severity: HIGH | Confidence: 8/10 | Status: VERIFIED
Category: Secrets Management (A02 — Cryptographic Failures)
Phase: P5 — Infrastructure Shadow Surface
Description
The AES-256-GCM encryption key used for all
.credentials.encfiles is passed as a plaintext environment variable (CREDENTIAL_ENCRYPTION_KEY) in docker-compose.yml. This key encrypts/decrypts credentials for ALL agents on the platform.Issues:
docker inspectoutput/proc/*/environ)Exploit Scenario
Attacker with read access to any backend container process listing (e.g., via container escape or compromised monitoring agent) extracts
CREDENTIAL_ENCRYPTION_KEY→ decrypts all agent.credentials.encbackup files.Remediation
Short-term:
Medium-term:
Estimated effort: 1-2 days
References
docs/security-reports/cso-2026-04-05.mddocs/security-reports/security-analysis-2026-03-09.md(related — API exposure was fixed, but storage concern remains)