docs: update SECURITY.md with Phase 4 completion
This commit is contained in:
parent
70bc47eadc
commit
92a50af5ed
19
SECURITY.md
19
SECURITY.md
|
|
@ -19,12 +19,17 @@ Only the `main` branch receives security updates. No release tags are maintained
|
|||
|
||||
| Area | Status |
|
||||
|------|--------|
|
||||
| Credential redaction in logs | Addressed (#38-40) |
|
||||
| Remote control default bind (0.0.0.0 → 127.0.0.1) | Addressed (#64) |
|
||||
| Shell injection via headersHelper | Addressed (#36) |
|
||||
| URL substring validation bypass | Addressed (#41-43) |
|
||||
| HTML stripping fragility | Addressed (#18-24) |
|
||||
| Credential redaction in logs | ✅ Phase 1 |
|
||||
| Remote control default bind (0.0.0.0 → 127.0.0.1) | ✅ Phase 1 |
|
||||
| Shell injection via headersHelper | ✅ Phase 3 |
|
||||
| URL substring validation bypass | ✅ Phase 3 |
|
||||
| HTML stripping fragility | ✅ Phase 3 + Phase 4 |
|
||||
| **Command injection (which, imagePaste, exec wrappers)** | ✅ Phase 4 |
|
||||
| **ReDoS in debugFilter regex** | ✅ Phase 4 |
|
||||
| **Sanitization bypass (stripHtml, claudemd, sedEditParser, bingAdapter)** | ✅ Phase 4 |
|
||||
| **Clear-text logging in MCP handler** | ✅ Phase 4 |
|
||||
| BashTool shell execution | **By design** — BashTool's job is to run shell commands. Do not report shell metacharacter usage as a vulnerability. |
|
||||
| Teleport / bridge / feature-flagged modules | Out of scope — not enabled in this fork. CodeQL alerts in these modules are accepted risk. |
|
||||
| Decompilation artifacts (unused variables, dead code) | Out of scope — these are expected in reverse-engineered code. |
|
||||
| Docker sandbox escape (`bwrap`) | In scope — report via advisory. |
|
||||
|
||||
|
|
@ -33,3 +38,7 @@ Only the `main` branch receives security updates. No release tags are maintained
|
|||
Code scanning runs on every push to `main` via `codeql.yml` (security-extended suite).
|
||||
Quality-only rules are dismissed as decompilation artifacts. Security alerts are
|
||||
triaged and addressed per the above scope.
|
||||
|
||||
**Current baseline:** 187 open alerts (down from 199 after Phase 1-4). Remaining
|
||||
open alerts are predominantly in feature-flagged modules (teleport, bridge, ACP,
|
||||
computer-use) that are not enabled in this fork. Core-path alerts are all addressed.
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user