๐ Security Module
/docs/core-features/security-module
| Feature | CVE/Issue | Description |
|---|---|---|
| Password Hashing | CVE-2 | Secure bcrypt with 12+ rounds |
| Credential Generation | CVE-3 | Cryptographically secure API keys |
| Safe Command Execution | HIGH-1 | Allowlist-based command execution |
| Path Validation | HIGH-2 | Path traversal and symlink protection |
| Input Validation | General | Zod-based schema validation |
| Token Generation | General | HMAC-signed secure tokens |
| HTML Sanitization | XSS | Script and injection prevention |
| AIDefence | Threats | Prompt injection, jailbreak detection, PII scanning (<10ms) |
| Schema | Purpose |
|---|---|
SafeStringSchema | Basic safe string with length limits |
IdentifierSchema | Alphanumeric identifiers |
FilenameSchema | Safe filenames |
EmailSchema | Email addresses |
PasswordSchema | Secure passwords (8-72 chars) |
UUIDSchema | UUID v4 format |
HttpsUrlSchema | HTTPS URLs only |
SpawnAgentSchema | Agent spawn requests |
TaskInputSchema | Task definitions |