Skip to content

Security: aisflows/ready-gate

Security

SECURITY.md

Security

Ready Gate does not install dependencies, run package scripts, call providers, log into accounts, or mutate production systems.

Forbidden without explicit approval:

  • reading .env, cookies, browser profiles, tokens, SSH keys, or provider profiles;
  • running npx, npm install, setup scripts, unknown binaries, product code, or provider calls;
  • changing billing, admin settings, production data, publishing, or deployment state.

This skill is not a security scanner and does not provide a security guarantee. It can route security-sensitive gaps into the product fix feed when evidence supports them.

There aren't any published security advisories