This repository contains a Claude Code harness (configuration, prompts, workflows) rather than executable application code, so its security considerations differ from those of traditional software:

| Traditional App | This Harness |
|---|---|
| Code vulnerabilities (XSS, SQL injection) | Prompt injection risks |
| Dependency exploits | Skill/command misuse potential |
| Authentication bypasses | Agent boundary violations |
| Data breaches | Sensitive data in prompts |

| Version | Supported | Notes |
|---|---|---|
| 2.0.x | ✅ | Current release |
| 1.x.x | ❌ | Deprecated, upgrade recommended |
When adopting this harness, be aware of:
- Replace ALL placeholders (`{{TICKET_PREFIX}}`, `{{PROJECT_NAME}}`, etc.) before use
- Never commit secrets in placeholder values
- Use environment variables for sensitive configuration
- Agent prompts define tool restrictions for each role
- Review `.claude/agents/` before deployment
- Customize restrictions for your security requirements
- Skills in `.claude/skills/` are loaded into Claude's context
- Review skill content for any patterns that could leak sensitive info
- Custom skills should not contain credentials or internal URLs
- Hooks in `.claude/hooks-config.json` execute shell commands
- Review all hook commands before enabling
- Test hooks in a sandboxed environment first
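The adoption checklist above comes down to three reviews: placeholders replaced, skill content free of secrets and internal URLs, and every hook command inspected before hooks are enabled. The script below is an added example, not part of this harness, that runs those reviews over a constructed `.claude/` tree; it also serves as a scripted form of the pre-adoption review commands listed later in this policy. It assumes, beyond what the policy states, that `hooks-config.json` holds hook entries with a `"command"` string field and that placeholders use the `{{NAME}}` form shown above.

```shell
#!/bin/sh
# Added example, not part of the harness: a pre-adoption audit of a .claude/
# directory covering the checklist items (unreplaced placeholders, secret-looking
# strings and internal URLs in skills, hook commands that need human review).
# Assumptions not taken from the policy: hooks-config.json holds hook entries
# with a "command" string field, and placeholders use the {{NAME}} form.

# Build a small constructed .claude/ tree so the script runs offline; every
# value in it is made up for the demonstration.
make_sample_harness() {
  dir=$(mktemp -d)
  mkdir -p "$dir/.claude/agents" "$dir/.claude/skills"
  cat > "$dir/.claude/agents/rte.md" <<'EOF'
# RTE agent for {{PROJECT_NAME}}
Allowed tools: Read, Grep, Bash(git *)
EOF
  cat > "$dir/.claude/skills/deploy.md" <<'EOF'
Deploy with API_TOKEN=constructed-sample-value to https://intranet.example.internal/deploy
EOF
  cat > "$dir/.claude/skills/style.md" <<'EOF'
Use four-space indentation and keep functions short.
EOF
  cat > "$dir/.claude/hooks-config.json" <<'EOF'
{"hooks": [{"event": "PreToolUse", "command": "./scripts/lint.sh"},
           {"event": "Stop", "command": "curl -s http://example.invalid/notify"}]}
EOF
  printf '%s\n' "$dir"
}

# Distinct unreplaced {{PLACEHOLDER}} tokens anywhere under .claude/.
count_placeholders() {
  grep -rhoE '[{][{][A-Z_]+[}][}]' "$1/.claude" | sort -u | wc -l | tr -d ' '
}

# Skill files containing secret-looking words. -E makes | an alternation;
# without it the pattern only matches the literal text "password|secret|...".
list_secret_hits() {
  grep -rEil 'password|secret|key|token' "$1/.claude/skills"
}

# Internal-looking URLs in skills, which the policy says should not be there.
count_internal_urls() {
  grep -rhoE 'https?://[^ "]*(internal|intranet|localhost)[^ "]*' "$1/.claude/skills" \
    | wc -l | tr -d ' '
}

# Every hook command, one per line, for human review before hooks are enabled.
list_hook_commands() {
  grep -oE '"command": *"[^"]*"' "$1/.claude/hooks-config.json" \
    | sed -E 's/"command": *"([^"]*)"/\1/'
}

# Hook commands that reach the network; these deserve the closest look.
# "|| true" keeps the printed 0 usable when grep -c finds nothing.
count_network_hooks() {
  list_hook_commands "$1" | grep -cE '(^|[ (;|&])(curl|wget|nc|ssh|scp)( |$)' || true
}

# Total number of findings; 0 means nothing was flagged for manual review.
audit_findings() {
  p=$(count_placeholders "$1")
  s=$(list_secret_hits "$1" | wc -l | tr -d ' ')
  u=$(count_internal_urls "$1")
  n=$(count_network_hooks "$1")
  echo $((p + s + u + n))
}

# Demonstration run against the constructed tree.
sample=$(make_sample_harness)
echo "Unreplaced placeholders: $(count_placeholders "$sample")"
echo "Skills with secret-looking words:"; list_secret_hits "$sample"
echo "Internal URLs in skills: $(count_internal_urls "$sample")"
echo "Hook commands to review:"; list_hook_commands "$sample"
echo "Network-reaching hooks: $(count_network_hooks "$sample")"
echo "Total findings: $(audit_findings "$sample")"
rm -rf "$sample"
```

To audit a real checkout, point the functions at the repository root instead of the constructed sample. The word list is deliberately broad (`key` also matches "keyboard"), so treat the secret-hit list as a review queue rather than a verdict; the hook command listing exists for a human to read, since no pattern can tell a legitimate lint script from an unwanted one.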
Please report:
- Prompt injection vectors in skills or commands
- Agent boundary bypasses that could escalate privileges
- Sensitive data exposure patterns in templates
- Hook command injection possibilities
- Documentation that encourages insecure practices
For sensitive security issues:
- Do NOT open a public GitHub issue
- Email: {{SECURITY_EMAIL}} (or your preferred contact)
- Include:
  - Description of the vulnerability
  - Steps to reproduce
  - Potential impact assessment
  - Suggested fix (if any)
For low-severity issues:
- Open a GitHub issue with the `security` label
- Use the bug report template

| Stage | Timeline |
|---|---|
| Initial acknowledgment | Within 48 hours |
| Severity assessment | Within 1 week |
| Fix development | Depends on severity |
| Public disclosure | After fix is released |
- Accepted: We'll work on a fix, credit you in the changelog (unless you prefer anonymity), and coordinate disclosure timing with you.
- Declined: We'll explain why we don't consider it a security issue and suggest alternatives (e.g., documentation update, feature request).
```shell
cat .claude/agents/*.md
cat .claude/hooks-config.json
# -E is required so that | acts as alternation rather than a literal character
grep -rEi "password|secret|key|token" .claude/skills/
```

### During Use
- Don't paste secrets into Claude conversations
- Review agent outputs before executing suggested commands
- Use the RTE agent for release-critical operations (has additional checks)
- Enable hooks for automatic guardrails
- Audit skill changes in code review
- Restrict who can modify the `.claude/` directory
- Log agent invocations if required for compliance
- Train team members on prompt security basics
In scope:
- All files in the `.claude/` directory
- Agent definitions in `AGENTS.md`
- Workflow templates and patterns
- Documentation that could lead to insecure implementations

Out of scope:
- Claude Code itself (report to Anthropic)
- Your project's application code
- Third-party integrations you add
- Issues in example/case study content (marked with 📚 EXAMPLE)
We appreciate responsible disclosure and will acknowledge security researchers who help improve this project (with permission).
This security policy follows the GitHub Security Policy Guidelines.
Last updated: December 2025 | Version 2.0