This document outlines how we handle security vulnerabilities and maintain the security of the openclaw-workspace-sowork project.
Instead, please report security issues responsibly by:
- Email: Send details to the project maintainer
-
- GitHub Security Advisory: Use GitHub's private vulnerability reporting feature
-
-
Response Time: We aim to respond to reports within 48 hours
-
- Clear description of the vulnerability
-
- Steps to reproduce (if applicable)
-
- Potential impact
-
- Suggested fix (if you have one)
-
-
Your contact information
-
- MEMORY.md is intentionally security-gated and only loads in main sessions
-
- MEMORY.md is never loaded in group chats or sub-agent sessions
-
- The
AGENTS.mdboot sequence explicitly gates: "Main session only: Read MEMORY.md" -
-
All memory files are stored in
memory/directory with separate access controls -
- All workspace files are plain Markdown — no executable code
- No external API calls in core workspace files
- No embedded scripts or potential injection vectors
-
Configuration is explicit and auditable
- Never commit API keys, tokens, or credentials
- Never commit personal memory files or conversation history
- All sensitive files are covered by
.gitignore -
Use environment variables for runtime secrets (see TOOLS.md)
-
The workspace implements Hermes-inspired five-layer learning with security at each level:
-
- Enterprise Level (
learn/enterprise/) - Organization-wide patterns (no PII) -
- Brand Level (
learn/brand/) - Brand guidelines and positioning (public-safe) -
- Department Level (
learn/department/) - Team-specific knowledge (internal-only) -
- Team Level (
learn/team/) - Direct team learnings (member-access) -
-
Personal Level (
learn/personal/) - Individual patterns (private-only) -
Each level has:
- Access control markers (
@public,@internal,@private) - Version tracking for auditing
-
Separation from MEMORY.md (confidential context)
- This workspace has zero production dependencies — it's pure configuration
- No npm packages, pip packages, or external binaries required
- Installation is purely file-copy based
-
No automated package updates needed
-
We maintain the following security measures:
- ✅ Secret scanning alerts enabled
- ✅ Dependabot alerts disabled (zero dependencies)
- ✅ Code scanning ready (optional, template-based)
⚠️ Private vulnerability reporting (recommended for users to enable)-
✅ Branch protection on main (enforced in settings)
-
| File | Contains | Risk Level | Security |
-
|------|----------|-----------|----------|
-
| AGENTS.md | Boot logic, routing | Low | Auditable, no execution |
-
| SOUL.md | Brand identity | Low | Non-sensitive config |
-
| MEMORY.md | Context & history | HIGH | Security-gated, main-session only |
-
| TOOLS.md | API configs | Medium | Env-var based, no hardcoding |
-
| USER.md | Team preferences | Low | General knowledge, no PII |
-
| memory/* | Session logs | HIGH | Local storage, not version-controlled |
-
| outputs/* | Agent output | Medium | May contain generated content |
-
If a security incident is discovered:
-
- Report it via the vulnerability disclosure process above
-
- We will investigate and provide an update within 48 hours
- A patch will be released if needed
-
We will credit the reporter (unless they prefer anonymity)
- This is a configuration template, not a security framework
- Users are responsible for securing their own
.envfiles and API keys - Deploy with proper authentication in production environments
-
Review all customizations for security implications
- Environment Variables: Store all credentials in
.envfiles (ignored by git) - Access Control: Use OS-level file permissions on
memory/andMEMORY.md - Regular Audits: Review workspace files for accidental credential leakage
- MEMORY Isolation: Ensure AGENTS.md security gates are not bypassed
-
Deployment: Use proper secret management in production (e.g., GitHub Secrets, HashiCorp Vault)
-
This workspace is designed to support:
- GDPR: Separate data layers prevent PII leakage
- SOC 2: Auditable configuration, no hidden operations
- ISO 27001: Clear access controls and logging
-
Internal policies: Customizable via USER.md and AGENTS.md
-
For security questions that are not vulnerability reports, please open a regular GitHub Issue with the
securitylabel.
-
- Team Level (
- Department Level (
- Brand Level (
- Enterprise Level (
-
- The
-
-