We take the security seriously. If you believe you've found a security vulnerability, please report it by creating a GitHub issue. For sensitive reports, please contact our admins in telegram @IQAICOM.
- Go to the Issues section of the repository
- Click "New Issue"
- Select "Security Vulnerability" (if available) or create a regular issue
- Add the label "security" to your issue
- Provide a clear description of the vulnerability
When reporting a security issue, please include:
- A clear description of the vulnerability
- Steps to reproduce the issue
- Potential impact of the vulnerability
- Suggestions for addressing the issue (if available)
- Any related code snippets or screenshots
- Environment details (OS, Node.js version, etc.)
After you submit a security issue:
- We will acknowledge receipt of your report as soon as possible
- We will provide an initial assessment of the report's validity and severity
- We will keep you informed about our progress in addressing the issue
- Once resolved, we will credit you in our security acknowledgments (unless you prefer to remain anonymous)
When using ADK-TS Framework:
- Keep all dependencies up to date
- Use proper authentication for any agent deployments
- Be cautious when using plugins that interface with external systems
- Review your application's security regularly
- Follow established security practices for any environments where agents are deployed
This security policy applies to the latest version of ADK-TS Framework and its core plugins. Third-party plugins or modified versions of the framework may have different security considerations.
Security updates will be released as part of our regular release cycle or as emergency patches for critical vulnerabilities. We recommend always using the latest version of ADK-TS Framework and its dependencies.
Thank you for helping keep ADK-TS Framework and its community safe!