If you discover a security vulnerability in this plugin, please report it responsibly:
- Do not open a public issue
- Email the maintainers directly or use GitHub's private vulnerability reporting feature
- Include a detailed description of the vulnerability
- Provide steps to reproduce if possible
We will respond within 48 hours and work with you to understand and address the issue.
| Version | Supported |
|---|---|
| Latest | Yes |
This plugin is designed with security in mind:
- No external dependencies — All functionality is self-contained within Claude Code
- No data collection — Your prompts and outputs stay local to your Claude Code session
- No network calls — The plugin itself makes no network requests; all API calls are handled by Claude Code
- Open source — Full transparency for security audits
The Argus persona helps design defenses against prompt injection attacks in your agentic systems:
- Input validation and sanitization
- Structured output enforcement
- Capability restrictions
- Trust boundary definitions
This plugin:
- Does not store any user data
- Does not log prompts or outputs
- Does not transmit data to external services
- Operates entirely within Claude Code's security model
- Review generated architectures — Always review security recommendations before implementation
- Validate outputs — Use Argus outputs as a starting point, not a final solution
- Keep Claude Code updated — Security improvements are delivered through Claude Code updates
- Report issues — Help us improve by reporting any security concerns
Specifically designed for security architecture:
- Threat modeling
- Zero trust architecture
- Defense in depth patterns
- Authentication/authorization design
- Audit logging specifications
- Prompt injection defenses
Every persona includes:
- Safety guardrails in system prompts
- Scope restrictions to prevent off-topic behavior
- Clear boundaries for agent capabilities