Security: AgentsORG/.github

SECURITY.md

Security Policy

Org-wide security policy for AgentsORG. Individual repos may have their own SECURITY.md that supersedes this one for that repo's specifics; everything else falls back here.

Scope

This policy covers every repository in the AgentsORG organization. Most AgentsORG repos ship agent skills — markdown-based — so the security surface is narrower than a typical software project:

  • Prompt-injection content in skill nodes (someone proposes a node whose text manipulates the consuming agent).
  • Misleading external links (a node points at a malicious URL).
  • Manifest tampering: .claude-plugin/marketplace.json or SKILL.md frontmatter pointing at unintended skills.
  • Dependency CVEs in CI workflows or any bundled JS / Python / Bash scripts.
  • Auth-related issues in repos that do ship runtime code (web apps, MCP servers, etc.).

Reporting a vulnerability

Do not open a public issue for security reports.

Email: harshitkhemani@gmail.com

Or use GitHub's private security advisory flow on the relevant repo.

Include:

  1. The repo and version (e.g. AgentsORG/design-engineering at v1.3.0).
  2. A description of the issue (what / where / why it matters).
  3. Steps to reproduce — what query triggered the bad behavior, which file returned what.
  4. The file path and (if possible) the offending lines.
  5. The agent / model the issue showed up on (Claude Opus, Sonnet, GPT-4, etc.) — see any skill's meta/cross-model-testing for why this matters.
  6. Your suggested fix, if any.

Response timeline

  • T+0 — report received, acknowledged.
  • T+3 business days — triage complete, severity assessed.
  • T+14 days — fix proposed (PR or direct commit) or report closed with explanation.
  • T+30 days — public disclosure (security advisory + commit) if not earlier coordinated.

Supported versions

Skills follow SemVer. The latest minor on each major is supported. Critical fixes are backported to the previous major for 6 months after a new major ships.

Out of scope

  • Style or opinion disagreements ("this advice is bad") — those go in regular issues / PRs.
  • Wishes for additional features — open a feature request.
  • Customizable defaults (a skill's meta/pov.md is meant to be edited per-installer).

Hall of fame

Reporters who responsibly disclose security issues will be credited (with permission) in the relevant repo's CHANGELOG.md for the release that fixes the issue.