Security Policy
We take security seriously. Learn how to report vulnerabilities and our commitment to protecting your infrastructure.
Status
Supported Versions
| Version | Status |
|---|---|
| 1.0.x (current) | Supported |
| 0.99.x | Supported |
| < 0.99 | Not supported |
Responsible Disclosure
Report a Vulnerability
If you discover a security vulnerability, please report it responsibly using the form below. We'll acknowledge your report within 24 hours.
By submitting this form, you agree to responsible disclosure practices.
Process
What to expect
| Timeline | Action |
|---|---|
| 24 hours | Acknowledgment of report received |
| 72 hours | Initial assessment and severity rating |
| 7 days | Progress update or fix timeline |
| 30 days | Resolution for critical/high issues |
| 90 days | Resolution for medium/low issues |
Scope
What's covered
In Scope
- Neural Commander CLI (nc binary)
- NC Daemon and Provider Gateway
- Telegram Bot Agent Interface
- Encrypted Vault and PII Gate
- Session persistence mechanisms
- Plugin system security
Out of Scope
- Third-party dependencies (report to upstream)
- Issues requiring physical access
- Social engineering attacks
- DoS via excessive API calls
Guidance
Security best practices
For Users
1. Keep NC Updated — Always use the latest version
2. Secure API Keys — Store API keys in your local config only
3. File Permissions — Restrict access to `~/.neural-commander/`
4. Review Personas — Audit persona soul.md files and VaultAccessGrants
For Developers
1. Never commit secrets — Use environment variables
2. Validate inputs — Sanitize file paths and user input
3. Limit file access — Stay within project boundaries
4. Audit dependencies — Run `go mod verify` regularly
Architecture
Security by design
Compile-Time Plugin System
Deny-by-default permissions. No runtime marketplace. All plugins are compiled into the binary with explicit capability grants. ClawHavoc-proof architecture.
PII Encryption Gate
11 scanner patterns automatically detect PII between the vault and the LLM. Sensitive data is redacted before it is routed to cloud models. The CLI interface is granted maximum trust; the Telegram interface is granted standard trust.
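The following is an added illustration of how a gate like this is structured, not code from the Neural Commander project. It uses a constructed subset of four scanner patterns rather than the project's eleven, a constructed sample note with fake values, and an assumed policy mapping (cloud routes are always redacted; a standard-trust interface is redacted even on local routes). Matches are replaced with class-tagged placeholders, and the audit record counts findings per class without ever containing the sensitive values.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Trust is the trust level of the interface a prompt arrives from.
type Trust int

const (
	TrustStandard Trust = iota // e.g. the Telegram bot
	TrustMaximum               // e.g. the local CLI
)

// Route is where the prompt is about to be sent.
type Route int

const (
	RouteLocal Route = iota // local model; nothing leaves the machine
	RouteCloud              // remote provider
)

// pattern pairs a PII class with the regular expression that detects it.
type pattern struct {
	class string
	re    *regexp.Regexp
}

// Constructed subset of scanner patterns; the project's own eleven are not on this page.
// Order matters: narrower patterns run first so their placeholders are not re-matched
// by broader ones.
var patterns = []pattern{
	{"email", regexp.MustCompile(`[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}`)},
	{"ssn", regexp.MustCompile(`\b\d{3}-\d{2}-\d{4}\b`)},
	{"phone", regexp.MustCompile(`\b\d{3}[-. ]\d{3}[-. ]\d{4}\b`)},
	{"credit_card", regexp.MustCompile(`\b(?:\d[ -]?){13,16}\b`)},
}

// Finding records how many matches of one PII class were redacted, for an audit
// log that never contains the sensitive values themselves.
type Finding struct {
	Class string
	Count int
}

// Redact replaces every match with a class-tagged placeholder such as [EMAIL].
func Redact(text string) (string, []Finding) {
	var findings []Finding
	for _, p := range patterns {
		n := len(p.re.FindAllStringIndex(text, -1))
		if n == 0 {
			continue
		}
		findings = append(findings, Finding{p.class, n})
		text = p.re.ReplaceAllString(text, "["+strings.ToUpper(p.class)+"]")
	}
	return text, findings
}

// mustRedact is the gate policy. The mapping is an assumption made for this
// example: a cloud route is always redacted, and a standard-trust interface is
// redacted even when the model is local, because the interface itself is the
// less trusted channel.
func mustRedact(tr Trust, r Route) bool {
	return r == RouteCloud || tr == TrustStandard
}

// Gate sits between vault content and the model call; text reaches the model
// only after it has passed through here.
func Gate(text string, tr Trust, r Route) (string, []Finding) {
	if !mustRedact(tr, r) {
		return text, nil
	}
	return Redact(text)
}

// SampleVaultNote is constructed input with fake values.
const SampleVaultNote = "Contact jane.doe@example.com, SSN 123-45-6789, card 4111 1111 1111 1111."

func main() {
	out, findings := Gate(SampleVaultNote, TrustMaximum, RouteCloud)
	fmt.Println(out)
	for _, f := range findings {
		fmt.Printf("redacted %d x %s\n", f.Count, f.Class)
	}
}
```

Running it prints `Contact [EMAIL], SSN [SSN], card [CREDIT_CARD].` followed by one audit line per class. The placeholders keep the class name so the model still gets useful context about what was removed, while the findings list is what you would write to a local audit log.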
Zero Telemetry Guarantee
No data leaves your machine unless you explicitly configure a cloud model route. Local models via Ollama operate with zero network telemetry.
VaultAccessGrants
Per-agent, per-vault permissions. Each persona agent sees only what it has been explicitly granted. Ed25519 cryptographic agent identity for capability-based access control.
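As an added example of the pattern described here (not the project's own VaultAccessGrant format, whose fields are not on this page), the Go program below shows how Ed25519 keys provide both halves of capability-based access control: the vault owner signs each grant, and an agent proves its identity by signing its request. The `Grant`, `Request` and `Check` names are constructed for the example, and replay protection is left out and noted in the code.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"fmt"
)

// Grant is one capability: a vault name, the permissions allowed on it, and the
// agent it is issued to, identified by its Ed25519 public key. (Constructed
// shape; the project's real VaultAccessGrant format is not on this page.)
type Grant struct {
	Agent ed25519.PublicKey `json:"agent"`
	Vault string            `json:"vault"`
	Perms []string          `json:"perms"`
}

// SignedGrant carries the vault owner's signature over the grant's canonical
// encoding, so a persona cannot edit its own grant to widen its access.
type SignedGrant struct {
	Grant
	Sig []byte `json:"sig"`
}

// Request is what an agent presents at access time; it is signed with the
// agent's private key so the daemon knows which identity is asking.
// Replay protection (nonce or timestamp) is deliberately left out to keep the
// example short; a real gateway needs it.
type Request struct {
	Agent ed25519.PublicKey `json:"agent"`
	Vault string            `json:"vault"`
	Perm  string            `json:"perm"`
}

// canonical bytes to sign: encoding/json emits struct fields in declaration
// order with no whitespace, which is deterministic for these flat structs.
func (g Grant) canonical() []byte   { return mustJSON(g) }
func (r Request) canonical() []byte { return mustJSON(r) }

func mustJSON(v interface{}) []byte {
	b, err := json.Marshal(v)
	if err != nil {
		panic(err)
	}
	return b
}

// Issue is run by the vault owner to hand a capability to an agent.
func Issue(owner ed25519.PrivateKey, g Grant) SignedGrant {
	return SignedGrant{Grant: g, Sig: ed25519.Sign(owner, g.canonical())}
}

// SignRequest is run by the agent; its public key is derived from the private key.
func SignRequest(agent ed25519.PrivateKey, vault, perm string) (Request, []byte) {
	r := Request{Agent: agent.Public().(ed25519.PublicKey), Vault: vault, Perm: perm}
	return r, ed25519.Sign(agent, r.canonical())
}

// Check is the deny-by-default decision. It returns true only when
//  1. the request signature verifies under the key the request claims (identity), and
//  2. some owner-signed grant names exactly that key, that vault and that permission.
// Anything else, including a grant whose bytes were altered after signing, is denied.
func Check(ownerPub ed25519.PublicKey, grants []SignedGrant, req Request, reqSig []byte) bool {
	if len(req.Agent) != ed25519.PublicKeySize || !ed25519.Verify(req.Agent, req.canonical(), reqSig) {
		return false
	}
	for _, sg := range grants {
		if !ed25519.Verify(ownerPub, sg.Grant.canonical(), sg.Sig) {
			continue // forged or tampered grant
		}
		if !bytes.Equal(sg.Agent, req.Agent) || sg.Vault != req.Vault {
			continue // grant is for a different agent or vault
		}
		for _, p := range sg.Perms {
			if p == req.Perm {
				return true
			}
		}
	}
	return false
}

func main() {
	ownerPub, ownerPriv, _ := ed25519.GenerateKey(rand.Reader)
	_, agentPriv, _ := ed25519.GenerateKey(rand.Reader)
	agentPub := agentPriv.Public().(ed25519.PublicKey)

	grants := []SignedGrant{Issue(ownerPriv, Grant{Agent: agentPub, Vault: "work", Perms: []string{"read"}})}
	for _, try := range [][2]string{{"work", "read"}, {"work", "write"}, {"personal", "read"}} {
		req, sig := SignRequest(agentPriv, try[0], try[1])
		fmt.Printf("%s on %q: allowed=%v\n", try[1], try[0], Check(ownerPub, grants, req, sig))
	}
}
```

Only the first of the three requests in `main` is allowed: the second asks for a permission the grant does not list, the third names a vault the agent was never granted. Because the owner signs the grant and the agent signs the request, neither side can be spoofed by a persona that merely knows another agent's public key.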
Questions?
For security questions not related to vulnerability reports:
Contact Us
This policy follows RFC 9116 guidelines.