| 1 | +# Security Policy |
| 2 | + |
| 3 | +## Reporting a Vulnerability |
| 4 | + |
| 5 | +If you believe you have found a security vulnerability in **MS-Agent**, please report it responsibly. |
| 6 | + |
| 7 | +- **Preferred**: Use GitHub **Private Vulnerability Reporting** (Security → Advisories → Report a vulnerability), if enabled. |
| 8 | +- **Do not** open a public GitHub Issue for security reports. |
| 9 | + |
| 10 | +Please include: |
| 11 | +- A clear description of the issue and impact |
| 12 | +- A minimal proof-of-concept (PoC), if possible |
| 13 | +- Affected versions/commits |
| 14 | +- Reproduction steps and environment details |
| 15 | +- Any suggested mitigations/fix ideas (optional) |
| 16 | + |
| 17 | +We will acknowledge receipt as soon as possible and work with you on coordinated disclosure. |
| 18 | + |
| 19 | +## Scope |
| 20 | + |
| 21 | +In scope includes (but is not limited to): |
| 22 | +- Tool execution security |
| 23 | +- Prompt/document injection leading to unsafe tool usage |
| 24 | +- Arbitrary file read/write, path traversal |
| 25 | +- SSRF and internal network access through tools |
| 26 | +- Unsafe deserialization (pickle/yaml/etc.) |
| 27 | + |
| 28 | +Out of scope: |
| 29 | +- Issues in third-party dependencies with no exploitable path through MS-Agent |
| 30 | +- Misconfigurations or insecure deployments not recommended by the project |
| 31 | +- Social engineering attacks that do not involve a technical vulnerability in MS-Agent |
| 32 | + |
| 33 | +## Disclosure Process |
| 34 | + |
| 35 | +- We will confirm receipt of your report. |
| 36 | +- We will investigate and validate the issue. |
| 37 | +- We will coordinate a fix and release. |
| 38 | +- We may publish a GitHub Security Advisory (and request a CVE when appropriate). |
| 39 | +- We will credit reporters where possible (unless you prefer to remain anonymous). |
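Review bot: the "Reporting a Vulnerability" section (lines 7-8 of the new file) leaves reporters with no channel if Private Vulnerability Reporting is not enabled: the preferred route is qualified with "if enabled" and the only other instruction is "Do not open a public GitHub Issue". Add a fallback contact (a security mailbox, with an optional PGP key fingerprint) so a report can always be submitted privately, and consider dropping "if enabled" once the feature is confirmed on for this repository. Two smaller documentation points in the same hunk: "acknowledge receipt as soon as possible" (line 17) would be more useful to reporters as a concrete target (e.g. "within N business days"), and a short "Supported Versions" table stating which releases receive fixes would tell reporters whether the "Affected versions/commits" they list (line 13) are still in support.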