| Version | Supported |
|---|---|
| < 1.0.0 | No |
Do not open a public GitHub issue for security vulnerabilities.
To report a vulnerability, open a private GitHub Security Advisory: https://github.com/sampleXbro/agentsmesh/security/advisories/new
Include:
- A description of the vulnerability and its potential impact
- Steps to reproduce or a proof-of-concept
- Any suggested mitigations
You will receive an acknowledgment within 72 hours. We aim to release a patch within 14 days for confirmed high or critical issues.
This policy covers the agentsmesh npm package and its CLI. Out of scope:
- Vulnerabilities in third-party packages (report to the upstream project)
- Issues in generated target config files that are user-authored content