Security Policy

How to report vulnerabilities, our disclosure process, and supported version information.

Found a security vulnerability?

Please do not open a public GitHub issue. Use private disclosure instead.

Email security@geneclaw.ai

Supported Versions

Version          | Supported     | Notes
0.1.x            | ✓ Supported   | Current stable release
Earlier versions | ✗ Unsupported | Please upgrade

Reporting a Vulnerability

We take security vulnerabilities in Geneclaw seriously, especially given that the system is designed to interact with agent codebases and potentially apply code changes. A vulnerability in Geneclaw's Gatekeeper or event store could have significant security implications.

How to Report

  1. Email security@geneclaw.ai with the subject line: [SECURITY] Brief description
  2. Include the following in your report:
    • A description of the vulnerability and its potential impact
    • Steps to reproduce the issue
    • The Geneclaw version(s) affected
    • Any proof-of-concept code or example (do not include working exploits for critical vulnerabilities)
  3. We will acknowledge receipt within 48 hours
  4. We aim to provide a full response within 7 days, including a preliminary assessment and timeline for a fix

Disclosure Policy

  1. Reporter discloses privately to security@geneclaw.ai
  2. We confirm the vulnerability and its severity within 7 days
  3. We develop and test a fix
  4. We release the fix and publish a security advisory (GitHub Security Advisory)
  5. Reporter may publish their own disclosure 30 days after the fix is released, or earlier by mutual agreement

Scope

The following are in scope for security reports:

  • Gatekeeper bypass vulnerabilities (ability to apply proposals without passing all 5 layers)
  • Secret scan evasion (crafting proposals that contain secrets but pass the secret scan)
  • Event store tampering (modifying or deleting past events)
  • Unauthorized filesystem access outside the configured allowlist
  • Dependency vulnerabilities with known exploits affecting Geneclaw deployments

The following are out of scope:

  • Vulnerabilities in nanobot (HKUDS/nanobot) — please report these to the nanobot project directly
  • Issues in user-provided LLM providers or API keys
  • Social engineering attacks
  • Theoretical vulnerabilities without demonstrated impact

Security Design Notes

If you're evaluating Geneclaw's security posture:

  • The Gatekeeper is the primary security boundary. Its code is in geneclaw/gate/ and is the most security-critical component.
  • The event store uses append-only semantics. The CLI does not expose a delete or truncate operation.
  • Secret redaction happens in the event store writer, not in the reader. Secrets should never reach the JSONL file.
  • The --apply flag is a hard gate in the CLI argument parser, not just a runtime check. Removing it requires modifying the source code.
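
The two event-store properties above (redaction in the writer before anything reaches the JSONL file, and append-only writes) are sketched below as an added example; this is not Geneclaw's code. The patterns, function names and event fields are assumptions made for illustration.

```python
import json
import os
import re
import tempfile

# Assumed detection rules for illustration; not Geneclaw's actual patterns.
SECRET_VALUE = re.compile(
    r"AKIA[0-9A-Z]{16}|ghp_[A-Za-z0-9]{36}|-----BEGIN [A-Z ]*PRIVATE KEY-----"
)
SECRET_KEY = re.compile(r"(?i)(api[_-]?key|token|password|secret)")
MASK = "[REDACTED]"


def redact(value, key=""):
    """Return a copy of a JSON-like value with secrets masked."""
    if isinstance(value, dict):
        return {k: redact(v, k) for k, v in value.items()}
    if isinstance(value, list):
        return [redact(v, key) for v in value]
    if SECRET_KEY.search(str(key)):
        return MASK  # the field name marks the whole value as secret
    if isinstance(value, str):
        return SECRET_VALUE.sub(MASK, value)
    return value


def append_event(path, event):
    """Redact first, then append one JSON line; O_APPEND pins writes to end of file."""
    line = json.dumps(redact(event), sort_keys=True) + "\n"
    fd = os.open(path, os.O_WRONLY | os.O_APPEND | os.O_CREAT, 0o600)
    try:
        os.write(fd, line.encode("utf-8"))
    finally:
        os.close(fd)


def read_events(path):
    """The reader does no redaction: it relies on the writer never storing a secret."""
    with open(path, encoding="utf-8") as f:
        return [json.loads(line) for line in f if line.strip()]


if __name__ == "__main__":
    path = os.path.join(tempfile.mkdtemp(), "events.jsonl")
    fake_key = "AKIA" + "A" * 16  # constructed sample value, not a real credential
    append_event(path, {"type": "proposal", "diff": "aws_key=" + fake_key})
    print(read_events(path))
```

Matching on field names over-redacts (any key containing "token" is masked), which is the safer failure direction for a store that has no delete operation.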