Security: itisuniqueofficial-gh/openmind

SECURITY.md

Security Policy

OpenMind is a CLI agent that can read files, edit files, and execute commands after approval. Security issues are treated as high priority.

Supported Versions

The latest released version receives security updates.

Reporting a Vulnerability

Do not disclose vulnerabilities publicly until maintainers have investigated and released a fix.

Report suspected vulnerabilities through GitHub Security Advisories for itisuniqueofficial-gh/openmind, or contact the maintainers privately through the organization channels.

Please include:

  • Affected version or commit.
  • Operating system and Node.js version.
  • Reproduction steps.
  • Expected and actual behavior.
  • Any logs with secrets removed.

Security Design

  • Protected paths such as .env, private keys, certificates, and credentials are blocked.
  • Commands always require confirmation.
  • Dangerous system-level commands are blocked.
  • File writes and edits always show a diff and ask for confirmation.
  • Common API keys and private keys are redacted from command output.

Non-Goals

OpenMind does not sandbox the host operating system. Run it only in workspaces where you are comfortable granting an approved command the same permissions as your shell user.

There aren’t any published security advisories