Skip to content

Security: AugentDevs/augent

SECURITY.md

Security Policy

Reporting a Vulnerability

If you discover a security vulnerability in Augent, please report it responsibly.

Do not open a public issue.

Instead, use GitHub Security Advisories to report the vulnerability privately, or email security@augent.app.

We will acknowledge your report within 48 hours and aim to release a fix within 7 days for critical issues.

Scope

In scope:

  • MCP server (augent-mcp)
  • CLI tools (augent, audio-downloader)
  • Web UI (augent-web)
  • Installer script (install.sh)
  • Python library code

Out of scope:

  • Third-party dependencies (report to their maintainers directly)
  • Issues requiring physical access to the machine
  • Social engineering

Supported Versions

Version Supported
2026.x Yes
< 2026.1 No

There aren't any published security advisories