Skip to content

Security: ComposioHQ/agent-orchestrator

Security

SECURITY.md

Security Policy

Reporting Security Issues

Please do not report security vulnerabilities through public GitHub issues.

Instead, please report them via email to security@composio.dev.

You should receive a response within 48 hours. If for some reason you do not, please follow up via email to ensure we received your original message.

Please include the following information:

  • Type of issue (e.g., secret leak, code injection, authentication bypass)
  • Full paths of source file(s) related to the issue
  • Location of the affected source code (tag/branch/commit or direct URL)
  • Step-by-step instructions to reproduce the issue
  • Proof-of-concept or exploit code (if possible)
  • Impact of the issue

Security Audit History

Known Issues

OpenClaw Notifier Token (Resolved)

Status: Removed from codebase Severity: Medium Date: 2026-02-15 Commit: 0393ab70a83e090883895d2168aa39a76f997ec8

An OpenClaw notifier token (1af5c4f...872 - redacted) was accidentally committed in agent-orchestrator.yaml and later removed. This token was:

  • Used for local development/testing only
  • Never used in production
  • Removed in subsequent commits
  • Still present in git history

Action Required: If this token is still in use, it should be rotated immediately.

Lesson: All tokens and API keys must use environment variables. The agent-orchestrator.yaml file is now in .gitignore to prevent future accidental commits.

Security Measures

Automated Secret Scanning

This repository uses Gitleaks to prevent accidental commits of secrets:

  1. Pre-commit Hook — Scans staged files before every commit
  2. CI Pipeline — Scans full git history on every push/PR
  3. Scheduled Scans — Weekly scans to catch new vulnerability patterns

Dependency Security

  • Dependency Review — GitHub Action scans PRs for vulnerable dependencies
  • npm audit — Runs in CI to detect known vulnerabilities in dependencies
  • Automated Updates — Dependabot (or similar) for security patches

Best Practices for Developers

Never Commit Secrets

Bad — Hardcoded secret:

notifiers:
  slack:
    webhook: https://hooks.slack.com/services/T123/B456/abc123

Good — Environment variable:

notifiers:
  slack:
    webhook: ${SLACK_WEBHOOK_URL}

Use Environment Variables

Store all secrets in environment variables:

# .env.local (ignored by git)
LINEAR_API_KEY=lin_api_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
GITHUB_TOKEN=ghp_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
SLACK_WEBHOOK_URL=https://hooks.slack.com/services/...

Then reference in config:

notifiers:
  slack:
    webhook: ${SLACK_WEBHOOK_URL}

Naming Conventions

Use consistent environment variable names:

  • *_API_KEY — API keys (e.g., LINEAR_API_KEY)
  • *_TOKEN — Authentication tokens (e.g., GITHUB_TOKEN)
  • *_SECRET — Secret keys (e.g., JWT_SECRET)
  • *_URL — URLs that may contain credentials (e.g., DATABASE_URL)

Example Config Files

When creating example config files:

  1. Use placeholder values: your-api-key-here, your-token-here
  2. Use environment variable references: ${ENV_VAR}
  3. Never copy real credentials, even "temporarily"
  4. Document which environment variables are required

Files to Never Commit

The .gitignore excludes these patterns:

  • .env, .env.local, .env.*.local
  • *.key, *.pem, *.p12, *.pfx
  • secrets.yaml, credentials.json
  • agent-orchestrator.yaml (local config)

Checking for Secrets Locally

Before committing:

# Scan current files
gitleaks detect --no-git

# Scan staged files (automatic in pre-commit hook)
gitleaks protect --staged

# Scan full git history
gitleaks detect

What to Do If You Commit a Secret

If you accidentally commit a secret:

  1. Rotate the secret immediately — Assume it's compromised
  2. Remove from git history — Use git filter-repo or similar (dangerous!)
  3. Update .gitleaks.toml — Add pattern to prevent similar leaks
  4. Report internally — Document in SECURITY.md

Never just delete the file and commit — the secret remains in git history!

Code Review

When reviewing PRs:

  • ✅ Check for hardcoded tokens, passwords, API keys
  • ✅ Verify environment variables are documented but not hardcoded
  • ✅ Ensure example configs use placeholders
  • ✅ Confirm CI security check passed

Best Practices for Users

Secure Configuration

When setting up Agent Orchestrator:

  1. Copy example config: cp agent-orchestrator.yaml.example agent-orchestrator.yaml
  2. Add real secrets: Edit agent-orchestrator.yaml with your actual tokens
  3. Never commit local config: It's in .gitignore — keep it there!
  4. Use secret management: Consider 1Password, AWS Secrets Manager, etc.

Required Secrets

Agent Orchestrator may require these secrets:

Service Environment Variable Where to Get
GitHub GITHUB_TOKEN https://github.com/settings/tokens
Linear LINEAR_API_KEY https://linear.app/settings/api
Slack SLACK_WEBHOOK_URL https://api.slack.com/messaging/webhooks
Anthropic ANTHROPIC_API_KEY https://console.anthropic.com/

Setting Environment Variables

macOS/Linux:

# In ~/.zshrc or ~/.bashrc
export GITHUB_TOKEN="ghp_xxxxx"
export LINEAR_API_KEY="lin_api_xxxxx"

Or use .env.local:

# In your project directory
echo 'GITHUB_TOKEN=ghp_xxxxx' >> .env.local
echo 'LINEAR_API_KEY=lin_api_xxxxx' >> .env.local

Protecting Your Secrets

  • ✅ Use strong, unique tokens for each service
  • ✅ Rotate tokens regularly (every 90 days)
  • ✅ Use minimal permissions (read-only when possible)
  • ✅ Store in a password manager
  • ❌ Never share tokens in chat, email, or screenshots
  • ❌ Never commit to git (public or private repos)
  • ❌ Never hardcode in shell scripts

Supported Versions

Version Supported
0.1.x

Security updates are provided for the latest version only.

Security Tools

This project uses:

License

This security policy is part of the Agent Orchestrator project and is licensed under the MIT License.

There aren’t any published security advisories