Please do NOT open a public issue for security vulnerabilities.

If you discover a security vulnerability in KalGuard, please report it responsibly:

1. Email: Send details to security@kalguard.dev
2. GitHub Security Advisory: Create a private advisory

• Description of the vulnerability
• Steps to reproduce
• Affected package(s) and version(s)
• Potential impact assessment
• Suggested fix (if any)

The following are in scope for security reports:

• kalguard-core — Policy engine bypass, prompt firewall evasion, token validation flaws
• kalguard-sdk — Authentication bypass, credential leakage
• kalguard-sidecar — HTTP server vulnerabilities, sandbox escape, audit log tampering
• kalguard — Any re-export that masks a vulnerability

• Vulnerabilities in dependencies (report upstream; we will update promptly)
• Denial-of-service attacks against local development servers
• Social engineering attacks

KalGuard is built with these security-first principles:

1. Fail Closed — All errors result in deny decisions
2. Zero Trust for Agents — Agents are untrusted by default
3. Least Privilege — Capability-scoped tokens with short TTLs
4. Defense in Depth — Policy + prompt firewall + tool mediation + audit
5. No Raw Error Exposure — Structured SecurityResponse objects only

We gratefully acknowledge security researchers who responsibly disclose vulnerabilities. Contributors will be credited in release notes (with permission).