32 lines
821 B
Markdown
32 lines
821 B
Markdown
# Security Policy
|
|
|
|
## Reporting Vulnerabilities
|
|
|
|
If you discover a security vulnerability, please report it responsibly:
|
|
|
|
1. **Do NOT** open a public issue
|
|
2. Use the **Security Report** issue template (marked confidential)
|
|
3. Or email: amundsonalexa@gmail.com
|
|
|
|
## Supported Versions
|
|
|
|
| Version | Supported |
|
|
|---------|-----------|
|
|
| Latest | Yes |
|
|
|
|
## Security Practices
|
|
|
|
- All SSH keys are audited regularly
|
|
- Secrets are stored in Cloudflare Worker secrets, never in code
|
|
- UFW firewall on all exposed nodes
|
|
- WireGuard encrypted mesh between all nodes
|
|
- Cloudflare Tunnels for external access (no open ports)
|
|
- Agent tokens are per-user with minimal required permissions
|
|
|
|
## Agents
|
|
|
|
Sentinel (🛡️) automatically reviews all issues and PRs for security implications.
|
|
|
|
---
|
|
*BlackRoad OS — Pave Tomorrow.*
|