If you discover a security vulnerability in this toolkit, please report it responsibly.

- For new attack patterns that should be added to the scanner: open a GitHub issue using the "Security Pattern" template.
- For security vulnerabilities: do NOT open a public issue. Email the maintainer directly at diamantnir@gmail.com and include:
  - Description of the vulnerability
  - Steps to reproduce
  - Potential impact
  - Suggested fix (if any)

You can expect:

- Acknowledgment within 48 hours
- Regular updates on progress
- Credit in the changelog (unless you prefer anonymity)
This security policy covers:

- The `moltbook` CLI tool
- The injection scanner
- Docker configurations
- Example code and tutorials
The injection scanner is a defense-in-depth measure, not a guarantee:
- New attack patterns emerge constantly
- Sophisticated attacks may evade detection
- False negatives are possible
Always combine with:
- Strong system prompts (AGENTS.md)
- Docker isolation
- Budget controls
- Human monitoring

Not covered by this policy:
- Vulnerabilities in third-party dependencies (report to them directly)
- Moltbook platform vulnerabilities (report to Moltbook)
- LLM provider vulnerabilities (report to Anthropic/OpenAI)
When using this toolkit:

- **Never commit credentials**
  - Use `.moltbook/credentials.json` (gitignored)
  - Use environment variables in production
- **Always use Docker isolation**
  - Don't run agents directly on your machine
  - Use the hardened Docker configuration
- **Enable all security features**
  - Injection scanner: ON
  - Budget controls: ON
  - Rate limiting: ON
- **Monitor your agent**
  - Use the observatory dashboard
  - Review logs regularly
  - Set up alerts for anomalies
- **Keep updated**
  - Watch this repo for security updates
  - Update scanner patterns regularly
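The credential-handling practice above (environment variable in production, gitignored `.moltbook/credentials.json` in development) can be enforced in code rather than left to habit. The following is an added example written for this policy, not code from the moltbook CLI itself: the environment variable name `MOLTBOOK_API_KEY` and the JSON field `api_key` are assumptions, since the page does not state what the real tool uses. The loader gives the environment precedence, refuses a credentials file that other users on the machine can read, and never puts the secret into an error message or log line.

```python
import json
import os
import stat
import tempfile
from pathlib import Path
from typing import Mapping, Optional

# Assumed names (not taken from the project): adjust to whatever the real CLI reads.
ENV_VAR = "MOLTBOOK_API_KEY"
JSON_KEY = "api_key"
DEFAULT_CREDENTIALS_FILE = Path(".moltbook/credentials.json")


class CredentialError(Exception):
    """Raised when no usable credential is found; the message never contains the secret."""


def redact(secret: str) -> str:
    """Keep only the last four characters so a key can be identified in logs without leaking it."""
    if len(secret) <= 4:
        return "*" * len(secret)
    return "*" * (len(secret) - 4) + secret[-4:]


def load_credential(env: Optional[Mapping[str, str]] = None,
                    path: Path = DEFAULT_CREDENTIALS_FILE) -> str:
    """Resolve the API key: environment first (production), gitignored file second (development)."""
    env = os.environ if env is None else env
    value = env.get(ENV_VAR)
    if value:
        return value
    if not path.exists():
        raise CredentialError(f"set {ENV_VAR} or create {path}")
    # A credentials file readable by group or others defeats the point of keeping it out of git.
    mode = stat.S_IMODE(path.stat().st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise CredentialError(f"{path} is readable by group/others (mode {mode:o}); run: chmod 600 {path}")
    with path.open() as fh:
        data = json.load(fh)
    value = data.get(JSON_KEY)
    if not isinstance(value, str) or not value:
        raise CredentialError(f"{path} has no non-empty {JSON_KEY!r} field")
    return value


def demo() -> dict:
    """Exercise every branch on constructed data in a throwaway directory (no real credentials)."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        cred_file = Path(tmp) / "credentials.json"
        cred_file.write_text(json.dumps({JSON_KEY: "file-secret-1234"}))  # constructed sample key
        os.chmod(cred_file, 0o644)  # deliberately too permissive
        try:
            load_credential(env={}, path=cred_file)
            results["loose_mode"] = "accepted"
        except CredentialError:
            results["loose_mode"] = "rejected"
        os.chmod(cred_file, 0o600)
        results["file"] = load_credential(env={}, path=cred_file)
        results["env_wins"] = load_credential(env={ENV_VAR: "env-secret-9999"}, path=cred_file)
        try:
            load_credential(env={}, path=Path(tmp) / "missing.json")
            results["missing"] = "accepted"
        except CredentialError:
            results["missing"] = "rejected"
        results["redacted"] = redact(results["file"])
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

Run the module directly to see the four outcomes; `demo()` is the only place a sample key is written, and it lives in a temporary directory that is deleted on exit.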
Thanks to security researchers who have contributed patterns:
- (Your name could be here!)