AgentForge is currently in 0.x development.
Security fixes are expected for:
- the latest published npm release
- the current
mainbranch
Older unpublished snapshots and stale local builds are not supported.
Please do not report security vulnerabilities in public GitHub issues.
Preferred reporting path:
- GitHub Security Advisories: https://github.com/redker56/agentforge/security/advisories/new
If GitHub private reporting is unavailable, contact the maintainer privately through GitHub profile contact options and include:
- affected version
- impact summary
- reproduction steps or proof of concept
- suggested mitigations, if known
- Initial acknowledgment target: within 72 hours
- Triage and severity assessment: as soon as reproducible details are available
- Fix timeline: depends on severity and complexity
We appreciate responsible disclosure and will coordinate public disclosure after a fix is available whenever possible.