ProductionOS takes security seriously. If you discover a security vulnerability, please report it responsibly.
Do NOT open a public GitHub issue for security vulnerabilities.
Email your findings to the maintainers via GitHub's private vulnerability reporting:
- Go to Security Advisories
- Click "Report a vulnerability"
- Provide a clear description of the vulnerability, steps to reproduce, and potential impact
- Acknowledgment: Within 48 hours of your report
- Assessment: Within 7 days, we will confirm the vulnerability and its severity
- Fix timeline: Critical vulnerabilities will be patched within 14 days
The following are in scope for security reports:
- Hook scripts (
hooks/) — command injection, path traversal, code injection - CLI tools (
bin/) — arbitrary code execution, privilege escalation - Install script (
bin/install.cjs) — supply chain risks, path traversal - Agent definitions (
agents/) — prompt injection that could affect host systems - Scripts (
scripts/) — SSRF, file access, command injection
- Issues in Claude Code itself (report to Anthropic)
- Denial of service via large inputs (this is a local tool)
- Issues requiring physical access to the machine
ProductionOS hooks execute in the user's shell environment. Key security properties:
- No network calls: No hook or script makes outbound network requests
- Local-only analytics: All telemetry is written to
~/.productionos/locally - Fail-closed guards: The
protected-file-guard.shblocks writes to sensitive files (.env, keys, certs) and fails closed ifjqis unavailable - Input sanitization: All hook JSON output uses
jq -n --argfor parameterized construction - Path validation: The installer validates
CLAUDE_CONFIG_DIRis within the home directory - URL validation: Scraper scripts only accept
https://URLs
| Version | Supported |
|---|---|
| 8.x | Yes |
| < 8.0 | No |