PicoWatch is a security tool. If you discover a vulnerability, please report it responsibly.
Contact: security@kirkforge.dev
Do not file public issues for security vulnerabilities.
| Stage | Target |
|---|---|
| Acknowledgment | 24 hours |
| Initial assessment | 72 hours |
| Fix or mitigation | 7 days (critical), 14 days (high), 30 days (medium/low) |
| Disclosure | After fix is released |
- Zero mandatory dependencies for core functionality (stdlib + PyYAML only)
- Pinned dependencies for all optional extras
- Self-scan: CI runs PicoSentry against our own dependencies when available
- Self-sandbox: CI runs PicoDome on post-install hooks when available
- SBOM: CycloneDX SBOM generated on every build
- No
eval(),exec(), orsubprocessduring rule evaluation - No network calls during scoring (offline by design)
- Rule sandboxing: custom rules are YAML-only, no Python code execution
- Input size limits: default 1MB max prompt size
- Per-IP rate limiting on HTTP daemon (configurable)
- API key authentication on write endpoints (configurable)
- Audit log integrity: SQLite WAL with HMAC-SHA256 checksums
| Version | Supported |
|---|---|
| 0.7.x | Active development |
| < 0.5 | Not supported |
This policy covers:
- The PicoWatch core library and CLI
- The FastAPI HTTP server
- The PicoShogun plugin adapter
- Rule definitions and normalization pipeline
Out of scope:
- Third-party dependencies (report to upstream)
- User-defined custom rules
- Infrastructure misconfiguration