| Version | Supported |
|---|---|
| 1.x | ✅ Yes |
If you discover a security vulnerability in AgentFlow, please do not open a public GitHub issue.
Instead, please report it privately via one of the following channels:
- GitHub Security Advisories: Report a vulnerability
- Email: Contact the maintainer directly via the GitHub profile at https://github.com/abdalrahman-ahmed
Please include the following in your report:
- A description of the vulnerability and its potential impact
- Steps to reproduce the issue
- Any relevant file paths or code snippets
- Your recommended fix (optional)
- Acknowledgement: Within 48 hours
- Assessment: Within 5 business days
- Fix / Patch Release: Based on severity — Critical: 72 hours, High: 7 days, Medium/Low: next release
This skill operates strictly within the user's local workspace. It:
- Does not make outbound network requests (except via
agyCLI which is explicitly controlled by the user) - Does not read or write files outside the current workspace directory
- Does not store credentials, API keys, or secrets in state files
- Does not execute arbitrary user-supplied shell code — only pre-defined validation commands based on project tech stack
- Least Privilege: The skill only accesses files within
.agents/and the workspace root - Audit Trail: Every execution persists a state file under
.agents/skills/agentflow/state/for traceability - No Credential Storage:
sessions.jsonstores only server address references, never tokens or passwords - Explicit Scope Boundaries: The skill cannot be invoked without the explicit
/agentflowprefix - Self-Correction Limits: Auto-correction is capped at 3 attempts to prevent runaway execution
This skill has zero runtime dependencies beyond Node.js built-ins (fs, path, child_process, crypto, os). The agy and agentapi binaries are provided by the Antigravity IDE environment and are not bundled in this repository.