Security: naorbrig/claude-code-agent-docker

Security

SECURITY.md

Security Policy

Supported Versions

Version Supported
latest

Reporting a Vulnerability

If you discover a security vulnerability, please do not open a public issue.

Instead, report it privately via GitHub Security Advisories.

You can expect:

  • Acknowledgment within 48 hours
  • Status update within 7 days
  • Fix timeline based on severity

Security Considerations

This project runs Claude Code with --permission-mode bypassPermissions, which means the AI agent can execute arbitrary commands inside the container. This is by design for autonomous operation, but you should:

  • Never expose the container to the public internet — keep it on a private network
  • Use Docker resource limits — prevent runaway resource consumption
  • Store tokens in .env files — never commit them to git
  • Use Docker volumes — don't mount sensitive host directories
  • Review CLAUDE.md — the agent follows these instructions, so make sure they're safe
  • Monitor container logs — watch for unexpected behavior
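
One way to check a running container against the network, resource-limit and mount items above is to audit its `docker inspect` output. This is an added example, not code from this project; the container name, paths and port in the sample are constructed, and the sample stands in for real `docker inspect <container>` JSON.

```python
import json

# Constructed sample shaped like `docker inspect <container>` output (not from the project).
SAMPLE = json.loads("""
[{
  "Name": "/claude-agent",
  "HostConfig": {
    "Memory": 0, "NanoCpus": 0, "CpuQuota": 0, "PidsLimit": null,
    "PortBindings": {"8080/tcp": [{"HostIp": "", "HostPort": "8080"}]}
  },
  "Mounts": [
    {"Type": "bind", "Source": "/home/dev/.ssh", "Destination": "/root/.ssh", "RW": true},
    {"Type": "volume", "Name": "workspace",
     "Source": "/var/lib/docker/volumes/workspace/_data",
     "Destination": "/workspace", "RW": true}
  ]
}]
""")

LOOPBACK = ("127.0.0.1", "::1")

def audit(container):
    """Return a list of findings for one `docker inspect` entry."""
    findings = []
    host = container.get("HostConfig", {})
    # Published ports: an empty HostIp (or 0.0.0.0 / ::) binds on every host
    # interface. Anything not bound to loopback is flagged for review.
    for port, binds in (host.get("PortBindings") or {}).items():
        for b in binds or []:
            if b.get("HostIp", "") not in LOOPBACK:
                where = b.get("HostIp") or "all interfaces"
                findings.append(f"port {port} published on {where}")
    # Resource limits: 0 or null in these fields means "unlimited".
    if not host.get("Memory"):
        findings.append("no memory limit")
    if not (host.get("NanoCpus") or host.get("CpuQuota")):
        findings.append("no CPU limit")
    if (host.get("PidsLimit") or 0) <= 0:
        findings.append("no pids limit")
    # Bind mounts hand host paths to the agent; named volumes do not.
    for m in container.get("Mounts", []):
        if m.get("Type") == "bind":
            mode = "rw" if m.get("RW") else "ro"
            findings.append(f"bind mount {m['Source']} -> {m['Destination']} ({mode})")
    return findings

if __name__ == "__main__":
    for c in SAMPLE:
        print(c["Name"], *audit(c), sep="\n  - ")
```

To run it against a live container, replace `SAMPLE` with the parsed output of `docker inspect` for that container.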

There aren't any published security advisories