Security: terrywangcode/openhive

SECURITY.md

Security Policy

OpenHive is a governed agent platform with credential handling, sandbox execution, and approval workflows. Please report suspected vulnerabilities privately so maintainers can triage and fix them before details become public.

Supported Versions

OpenHive is currently in preview. Security fixes target:

| Version line | Supported |
|---|---|
| main | Yes, active development |
| 0.9.x-preview | Yes, after the first public preview tag |
| older preview tags | Best effort only |

Reporting a Vulnerability

Do not file a public GitHub issue for a vulnerability.

Preferred reporting path:

  1. Use GitHub's private vulnerability reporting flow when it is enabled for this repository.
  2. If that flow is unavailable, email the repository owner listed on the GitHub project page with the subject "OpenHive security report".

Include:

  • affected version, commit, or deployment mode
  • a clear reproduction path
  • expected and actual impact
  • whether credentials, tenant data, sandbox escape, or cross-project access are involved
  • any logs or proof artifacts with secrets redacted

Please do not include live API keys, customer data, private chat content, or unredacted credentials in the report.

Response Targets

Maintainers aim to:

  • acknowledge new reports within 3 business days
  • confirm scope and severity within 7 business days when reproduction is possible
  • publish a fix, mitigation, or status update before public disclosure

These are targets, not guarantees. Preview users should keep deployments isolated and avoid exposing OpenHive to untrusted networks unless they have reviewed their own threat model.

Security Scope

High-priority areas include:

  • credential storage, relay, and redaction paths
  • project, group, and agent scope isolation
  • sandbox command execution, workspace writes, and network policy
  • extension, plugin, and skill installation governance
  • dashboard authentication and admin-only routes
  • prompt injection handling where untrusted content crosses into model context

Out of scope:

  • vulnerabilities that require a maintainer's local development machine to already be compromised
  • reports against intentionally fake test credentials or documented placeholders
  • unsupported deployment modes not described in the public docs

Public Preview Boundary

OpenHive public docs use "preview" deliberately. Some runtime paths are still being hardened. In particular, follow the current notes in docs/preview-release-checklist.md, docs/current-status.md, and docs/credential-isolation-validation-plan.md before making production claims.

There aren't any published security advisories