The Agentic QE project maintains security updates for the following versions:

| Version | Supported | Notes |
|---|---|---|
| 1.2.x | ✅ | Current stable release |
| 1.1.x | ✅ | Maintained with critical security fixes |
| 1.0.x | ❌ | Upgrade to 1.2.x recommended |
| < 1.0 | ❌ | No longer supported |

Recommendation: Always use the latest stable version (1.2.x) to ensure you have the most recent security patches and improvements.
The Agentic QE framework includes several security features by default:

- TLS 1.3 Encryption: All QUIC connections use TLS 1.3 by default
- Certificate Validation: Mandatory certificate validation for all connections
- Connection Authentication: Secure agent-to-agent communication
- Sub-millisecond Latency: <1ms secure communication overhead
- Regular Audits: Automated dependency vulnerability scanning
- Minimal Dependencies: 89 packages removed in v1.2.0 (7.3MB reduction)
- Trusted Sources: All dependencies from verified npm registry sources
- Lock File: `package-lock.json` ensures reproducible builds
- Local Storage: SQLite database stored locally (`.aqe/memory.db`)
- No External Transmissions: Learning data and patterns stay on your system
- Encryption at Rest: Optional database encryption for sensitive data
- Memory Isolation: Agent memory stores are isolated by agent ID
- Authentication: Optional API key authentication for MCP server
- Rate Limiting: Built-in rate limiting for API endpoints
- CORS Configuration: Configurable cross-origin resource sharing
- Input Validation: All API inputs are validated and sanitized
- TypeScript: Strong typing prevents many common vulnerabilities
- No Eval: Zero use of `eval()` or dynamic code execution
- Input Sanitization: All external inputs are validated
- Path Traversal Protection: Safe file system operations
Include in your report:

- Description of the vulnerability
- Steps to reproduce the issue
- Potential impact and severity assessment
- Affected versions
- Any suggested fixes (if applicable)
- Your contact information for follow-up

| Timeline | Action |
|---|---|
| 24 hours | Acknowledgment of your report |
| 7 days | Initial assessment and severity classification |
| 30 days | Fix development and testing (for critical issues) |
| 90 days | Public disclosure (after patch release) |

We use the following severity levels:

- CRITICAL: Remote code execution, authentication bypass, data breach
- HIGH: Privilege escalation, SQL injection, XSS
- MEDIUM: Information disclosure, denial of service
- LOW: Minor information leaks, non-exploitable bugs
- Private Fix: We develop and test the fix privately
- Security Advisory: We create a GitHub Security Advisory
- Patch Release: We release a patched version
- Public Disclosure: We publish the advisory with details
- Credit: We credit the reporter (unless they prefer anonymity)
```bash
# Check for updates
npm outdated

# Update to latest stable version
npm update agentic-qe

# Audit dependencies
npm audit
npm audit fix
```
```yaml
# config/fleet.yaml - Production settings
security:
  # Enable TLS 1.3 for all connections
  tlsVersion: "1.3"

  # Require certificate validation
  validateCertificates: true

  # Enable database encryption
  databaseEncryption: true
  encryptionKey: "${AQE_DB_ENCRYPTION_KEY}"  # Use environment variable

  # API authentication
  apiAuth:
    enabled: true
    apiKey: "${AQE_API_KEY}"  # Use environment variable

  # Rate limiting
  rateLimit:
    enabled: true
    maxRequests: 100
    windowMs: 60000  # 1 minute
```
```bash
# .env - NEVER commit this file
AQE_DB_ENCRYPTION_KEY=your-secure-random-key-here
AQE_API_KEY=your-secure-api-key-here

# Use strong random keys
openssl rand -base64 32
```
```bash
# Secure your configuration files
chmod 600 .env
chmod 600 config/fleet.yaml
chmod 700 .aqe/

# Verify permissions
ls -la .env config/ .aqe/
```
```bash
# Store API keys securely in environment variables
export OPENAI_API_KEY="sk-..."
export ANTHROPIC_API_KEY="sk-ant-..."

# Never hardcode in configuration files
# Never commit to version control
```
```yaml
# Restrict API access
api:
  host: "127.0.0.1"  # Localhost only
  port: 3000

  # Or use specific IP whitelist
  allowedIPs:
    - "192.168.1.0/24"
    - "10.0.0.0/8"
```
```yaml
# Enable comprehensive audit logging
logging:
  level: "info"
  auditLog: true
  auditFile: ".aqe/audit.log"

  # Log sensitive operations
  auditEvents:
    - "agent_spawn"
    - "database_access"
    - "pattern_export"
    - "api_access"
```
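The production settings and the 600/700 file-permission advice above can be checked mechanically before a deployment. The script below is an added example, not code from the Agentic QE project: it assumes `config/fleet.yaml` has already been loaded into a dict with the keys shown above (for instance by a YAML loader), flags every setting that departs from the hardened values, reports secrets written as literals instead of `${VAR}` references, and exposes a helper for the permission bits that `chmod 600`/`700` would clear. `ENV_REF`, the function names and the two sample configurations are constructed for this illustration.

```python
import re
import stat

# Secrets in fleet.yaml should be "${VAR}" references, never literals
# (pattern constructed for this example from the settings shown above).
ENV_REF = re.compile(r"^\$\{[A-Z0-9_]+\}$")


def audit_security_config(cfg):
    """Return findings where a loaded fleet.yaml deviates from the hardened settings."""
    findings = []
    sec = cfg.get("security", {})
    auth = sec.get("apiAuth", {})
    for setting, ok in (("tlsVersion", str(sec.get("tlsVersion")) == "1.3"),
                        ("validateCertificates", sec.get("validateCertificates") is True),
                        ("databaseEncryption", sec.get("databaseEncryption") is True),
                        ("apiAuth.enabled", auth.get("enabled") is True),
                        ("rateLimit.enabled", sec.get("rateLimit", {}).get("enabled") is True)):
        if not ok:
            findings.append(f"security.{setting} is not set to the production value")
    # A literal key inside the YAML file is exactly the failure mode the .env advice avoids
    for setting, value in (("encryptionKey", sec.get("encryptionKey")),
                           ("apiAuth.apiKey", auth.get("apiKey"))):
        if isinstance(value, str) and not ENV_REF.match(value):
            findings.append(f"security.{setting} is a hardcoded literal; use an environment variable")
    api = cfg.get("api", {})
    if api.get("host") not in ("127.0.0.1", "localhost") and not api.get("allowedIPs"):
        findings.append("api.host is not loopback and no allowedIPs whitelist is set")
    return findings


def insecure_mode_bits(st_mode):
    """Permission bits granting group/other access; 0 means as tight as chmod 600/700."""
    return stat.S_IMODE(st_mode) & 0o077


# Constructed samples: a weak configuration and the hardened one shown above.
WEAK_CONFIG = {
    "security": {"tlsVersion": "1.2", "validateCertificates": False,
                 "databaseEncryption": False, "encryptionKey": "literal-key-in-yaml",
                 "apiAuth": {"enabled": False, "apiKey": "literal-api-key"},
                 "rateLimit": {"enabled": False}},
    "api": {"host": "0.0.0.0", "port": 3000},
}
HARDENED_CONFIG = {
    "security": {"tlsVersion": "1.3", "validateCertificates": True,
                 "databaseEncryption": True, "encryptionKey": "${AQE_DB_ENCRYPTION_KEY}",
                 "apiAuth": {"enabled": True, "apiKey": "${AQE_API_KEY}"},
                 "rateLimit": {"enabled": True, "maxRequests": 100, "windowMs": 60000}},
    "api": {"host": "127.0.0.1", "port": 3000},
}
```

Pass `os.stat(path).st_mode` for `.env`, `config/fleet.yaml` and `.aqe/` to `insecure_mode_bits` to verify the `chmod` step; any non-zero result means group or world access is still granted.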
- All PRs require security review for changes to:
  - Authentication/authorization logic
  - Database operations
  - File system operations
  - Network communications
  - External API integrations
```bash
# Run security tests before committing
npm run test:security

# Check for common vulnerabilities
npm audit

# Static analysis
npm run lint:security
```
- Input Validation: Validate all user inputs and external data
- Output Encoding: Encode output to prevent injection attacks
- Parameterized Queries: Use parameterized queries for database operations
- Least Privilege: Grant minimum necessary permissions
- Error Handling: Never expose sensitive information in error messages
- Dependency Management: Keep dependencies updated and audited
```bash
# Install security pre-commit hooks
npm run setup:security-hooks

# Hooks will automatically:
# - Run npm audit
# - Check for hardcoded secrets
# - Validate file permissions
# - Run security linters
```
Risk: AI model API keys (OpenAI, Anthropic, etc.) grant access to paid services.

Mitigation:

- Store keys in environment variables only
- Never commit keys to version control
- Use `.gitignore` to exclude `.env` files
- Rotate keys regularly
- Monitor API usage for anomalies
- Set spending limits in provider dashboards
Risk: Test data generation might create sensitive-looking data.

Mitigation:

- Generated test data is synthetic and not real
- Configure data generation to avoid realistic PII
- Use faker libraries with non-sensitive seeds
- Document that test data is for testing only

Risk: SQLite database stores agent learning data and patterns.

Mitigation:

- Database is stored locally (not transmitted)
- Enable encryption for sensitive environments
- Set appropriate file permissions (600)
- Exclude from backups to untrusted locations
- Regular cleanup of old data

Risk: MCP server exposes API endpoints for agent coordination.

Mitigation:

- Bind to localhost (127.0.0.1) by default
- Enable API key authentication in production
- Use rate limiting to prevent abuse
- Deploy behind reverse proxy in production
- Enable HTTPS for remote access

Risk: Exported patterns might contain project-specific information.

Mitigation:

- Review patterns before sharing externally
- Patterns contain code structure, not secrets
- Option to sanitize patterns before export
- Document pattern privacy in sharing features

Risk: Logs might contain sensitive operational data.

Mitigation:

- Configure log levels appropriately
- Exclude sensitive data from logs
- Rotate and archive logs regularly
- Secure log file permissions (600)
- Use structured logging for easier filtering
- Current Status: 90%+ compliance (improved from 70% in v1.1.0)
- OWASP Top 10: Addressed all critical categories
- Testing: Regular OWASP ZAP scans
- Documentation: Security controls documented

- GDPR: Test data generator supports GDPR-compliant synthetic data
- Data Residency: All data stored locally by default
- Data Portability: Export/import functionality for all data
- Right to Deletion: Easy data cleanup and removal

- SPDX License: MIT License (SPDX-License-Identifier: MIT)
- CycloneDX SBOM: Software Bill of Materials available
- Vulnerability Disclosure: Coordinated disclosure policy
- Security Champions: Designated security maintainers

- GitHub Security Advisories: Watch this repository for security advisories
- Release Notes: Check `CHANGELOG.md` for security fixes
- Email Updates: Subscribe to [email protected] for critical alerts
- Twitter: Follow @AgenticQE for announcements
```bash
# Check for security updates
npm outdated agentic-qe

# View security advisories
npm audit

# Update with security fixes
npm update agentic-qe
```
- Security Team: [email protected]
- General Support: [email protected]
- Maintainers: See CODEOWNERS file

For encrypted communications, use our PGP key:

- Fingerprint: [To be added]
- Key ID: [To be added]
- Download: https://keys.openpgp.org/[email protected]
We appreciate the security research community's efforts. Security researchers who responsibly disclose vulnerabilities will be:

- Credited in release notes (unless anonymity is preferred)
- Listed in our SECURITY-HALL-OF-FAME.md (coming soon)
- Eligible for recognition in our documentation

Thank you for helping keep Agentic QE secure!

- Contributing Guide - Contribution guidelines including security
- Documentation - Complete documentation
- OWASP Top 10 - OWASP security standards
- npm Security Best Practices - npm security

Last Updated: October 22, 2025
Version: 1.2.0
We take security vulnerabilities seriously. If you discover a security issue, please follow these steps:

Security vulnerabilities should not be reported through public GitHub issues, to prevent exploitation before a fix is available.

Email: [email protected]
Subject: `[SECURITY] Brief description of issue`

Include in your report the items listed in the reporting checklist above (description, steps to reproduce, impact and severity, affected versions, any suggested fixes, and your contact information).