If you discover a security vulnerability in Alex Cognitive Architecture, please report it responsibly:

Email: Create a private security advisory on GitHub

1. Description of the vulnerability
2. Steps to reproduce the issue
3. Affected versions
4. Potential impact
5. Suggested fix (if applicable)

1. Acknowledgment — We'll confirm receipt of your report
2. Investigation — We'll investigate and validate the issue
3. Fix Development — We'll develop and test a fix
4. Disclosure — We'll coordinate disclosure with you
5. Credit — We'll credit you in the release notes (unless you prefer anonymity)

• Local-first design — Data stays on your machine by default
• No telemetry — We don't collect usage data
• Minimal dependencies — Reduced supply chain attack surface
• VS Code sandbox — Extension runs in VS Code's security sandbox

• SecretStorage API — API keys stored encrypted via VS Code
• No hardcoded secrets — All credentials externalized
• Transient tokens — Session tokens not persisted

• HTTPS/WSS only — All external communication encrypted
• Minimal external calls — Only Edge TTS and GitHub (opt-in)
• No data exfiltration — Your code never leaves your machine

• Content Security Policy (CSP) — Prevents XSS attacks
• No inline scripts — All JavaScript in separate files
• Sanitized HTML — User content escaped before rendering

Alex uses VS Code agent hooks (.github/hooks.json) to automate cognitive workflows. These hooks execute shell commands at session start/stop and before/after tool use.

⚠️ macOS/Linux Users: Enable terminal sandboxing to restrict what hook commands can access:

// .vscode/settings.json
{
  "chat.tools.terminal.sandbox.enabled": true,
  "chat.tools.terminal.sandbox.macFileSystem": {
    "allowWrite": ["."],
    "denyWrite": ["./.github/config/MASTER-ALEX-PROTECTED.json"]
  },
  "chat.tools.terminal.sandbox.linuxFileSystem": {
    "mode": "project"
  }
}

Sandbox Settings:

Windows Users: Terminal sandboxing is not available on Windows. Hooks execute in the normal VS Code terminal context. Use the Master Alex Protected marker (.github/config/MASTER-ALEX-PROTECTED.json) as a safety gate.

VS Code's Autopilot mode (chat.autopilot.enabled) allows the agent to execute tool calls without manual approval. Alex ships with safety hooks that enforce boundaries even in non-interactive mode.

All safety hooks use decision: "deny" (not warn) — they block the action even when the user is not present to confirm.

Set "chat.autopilot.enabled": false in .vscode/settings.json to return to manual approval mode.

We regularly audit dependencies:

# Check for vulnerabilities
npm audit

# Update dependencies
npm update

All changes undergo review for:

• Hardcoded secrets
• Unsafe operations (eval, dynamic requires)
• XSS vulnerabilities in webviews
• Path traversal risks

• npm audit passes
• Dependencies updated
• Security-focused code review completed
• alex_docs/audits/COMPLIANCE-AUDIT.md updated

In case of a security incident:

1. Contain — Disable affected functionality
2. Investigate — Determine scope and impact
3. Fix — Develop and test remediation
4. Release — Publish patched version
5. Notify — Inform affected users
6. Review — Post-mortem and process improvement

Thank you for helping keep Alex safe!