Alice is pre-1.0 software. Security fixes target the latest minor release series (currently v0.9.x); older tags are not maintained. Security posture in this repo is scoped to the shipped local/runtime surfaces and deterministic verification paths on the current baseline.
Please report security issues privately by opening a private security advisory in GitHub for this repository. Include:
- affected component/file
- reproduction steps
- impact assessment
- suggested mitigation (if available)
Do not open public issues for active security vulnerabilities.
- Postgres remains the system of record.
- User-owned data paths are RLS-governed.
- Public CLI/MCP/importer surfaces should not bypass trust/provenance boundaries.
- Consequential side effects remain approval-bounded.
- keep
.envlocal and do not commit secrets - keep local services bound to loopback where possible
- treat per-agent API keys (
alicebot agent keys create) as secrets; they are stored hashed, printed exactly once, and can be revoked withalicebot agent keys revoke - run verification commands before release tagging