REMORA is a research prototype. The following versions receive security attention:

Please do not open a public GitHub issue for security vulnerabilities.

Report security issues to: support@luftfiber.no

Include in your report:

• Description of the vulnerability
• Steps to reproduce
• Affected component (Python core / Cloudflare Worker / MCP server)
• Potential impact

You will receive acknowledgement within 72 hours and a fix timeline within 14 days for P0 issues.

In-scope for security reports:

• Authentication bypasses in Cloudflare Workers (workers/)
• Prompt injection vulnerabilities in the cascade pipeline
• Tool-call policy bypasses in remora/agent_hook.py
• Sensitive data exposure in audit logs or MCP responses
• Dependency vulnerabilities with CVSS ≥ 7.0

Out of scope:

• Theoretical attacks without a proof of concept
• Issues in demo-mode configurations explicitly marked insecure
• Rate limiting / DoS on the public demo workers

Both Cloudflare Workers fail closed when secrets are not configured:

• rag-oracle: ORACLE_SECRET unset → all requests return 401
• agent-control: CONTROL_SECRET unset → all write requests return 503

GET /audit and GET /test-bindings on the agent-control worker require Authorization: Bearer <CONTROL_SECRET>.

GET /status does not expose upstream worker URLs.

See docs/security/pre-deployment-review.md for the full pre-deployment checklist.

This file is updated when new security properties are established or new gaps are identified.