AgentBench is a security benchmarking tool. If you discover a security vulnerability in AgentBench itself, please report it privately.
Do not report security vulnerabilities through public GitHub issues.
Send details to the repository maintainers via:
- GitHub Security Advisory: https://github.com/Carlos-Projects/agentbench/security/advisories
Please include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
We will acknowledge receipt within 48 hours and provide a timeline for resolution.
This security policy covers the AgentBench codebase itself, not the agents being tested. AgentBench is designed to identify security issues in AI agents -- that is its intended purpose.

| Version | Supported |
|---|---|
| 0.2.x | Yes |

When using AgentBench:
- Only run benchmarks against systems you own or have permission to test
- Review generated reports for sensitive information before sharing
- Use in isolated environments when testing untrusted agents