| Version | Supported |
|---|---|
| 1.x | ✅ |
| < 1.0 | ❌ (development) |
DO NOT open a public issue for security vulnerabilities.
- Email: Send details to the project maintainers (check GitHub for contact info)
- GitHub: Use the private vulnerability reporting feature at:
https://github.com/[owner]/steve/security/advisories/new
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
- Your contact information for follow-up
- Initial response: Within 48 hours
- Triage: Within 1 week
- Fix timeline: Depends on severity
- Critical: 1-3 days
- High: 1 week
- Medium: 2 weeks
- Low: Next release
NEVER commit API keys to the repository. Use environment variables:
# config/minewright-common.toml [openai] apiKey = "${OPENAI_API_KEY}" # ✅ Correct # NEVER do this: # apiKey = "sk-abc123..." # ❌ Wrong - will be committed!
Set environment variables:
# Linux/macOS export OPENAI_API_KEY="sk-your-key-here" export GROQ_API_KEY="gsk_your-key-here" # Windows PowerShell $env:OPENAI_API_KEY="sk-your-key-here" # Windows Command Prompt set OPENAI_API_KEY=sk-your-key-here
The .gitignore includes:
# Config with API keys config/minewright-common.toml run/config/minewright-common.toml
If you accidentally commit an API key:
- Immediately rotate the key at your provider's dashboard
- Remove from git history using
git filter-branchor BFG Repo-Cleaner - Force push (if you have access)
- Report so we can help cleanup
All user inputs must be validated:
// Validate LLM prompts public void sendPrompt(String prompt) { if (prompt == null || prompt.isBlank()) { throw new IllegalArgumentException("Prompt cannot be empty"); } if (prompt.length() > MAX_PROMPT_LENGTH) { throw new IllegalArgumentException("Prompt too long"); } // Sanitize any potential injection patterns String sanitized = sanitizePrompt(prompt); // ... proceed }
The GraalVM JS sandbox has strict restrictions:
// Already implemented - do not relax these context.getBindings("js").put("java", null); // No Java access context.getBindings("js").put("System", null); // No system access
Never swallow exceptions silently:
// ❌ Bad - silent failure try { loadTemplate(); } catch (Exception e) { // Nothing happens - bad! } // ✅ Good - log and handle try { loadTemplate(); } catch (IOException e) { LOGGER.error("Failed to load template: {}", name, e); return Optional.empty(); }
- Keep dependencies updated
- Use Gradle dependency scanning
- Check for CVEs before upgrading
# Check for vulnerable dependencies
./gradlew dependencyCheckAnalyze- All API calls use HTTPS
- API keys are sent in headers (not URLs)
- Responses are validated before processing
- Agent commands require op permissions (configurable)
- Agent actions are logged for audit
- Rate limiting prevents DoS via agent commands
User-provided scripts run in a sandbox with:
- No file system access
- No network access
- No Java interop
- Memory and time limits
| Date | Auditor | Scope | Status |
|---|---|---|---|
| 2026年02月28日 | Claude Code Audit | Full codebase | Issues identified & fixed |
For security concerns:
- Open a private vulnerability advisory on GitHub
- Contact the maintainers directly
Last Updated: 2026年02月28日