Current safeguards
- Security headers set X-Content-Type-Options: nosniff, a strict referrer policy, production HSTS, a permissions policy, clickjacking protection, and a conservative CSP without inline style or script allowances.
- SSRF guardrails reject localhost, private IPs, link-local IPs, non-http(s) schemes, embedded credentials, and unsafe redirects for URL-fetching tools.
- Rate limits help protect public beta routes from overload and abuse.
- Bot probe traffic is classified separately in admin metrics so routine internet scanner noise does not hide product/API errors.
- Monitoring and alerting cover health, readiness, public discovery files, x402 challenge behavior, and public status without exposing private metrics or internals.
- Production environment validation checks required deployment configuration before startup.
- The repository includes a secret scanner and dependency audit command used in the validation flow.
- Request logging is structured and avoids raw user text by default.
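The SSRF guardrail list above, sketched as an added Python example; this is not the project's own code. The function names, the injected resolver, the redirect limit of 3 and the sample hostnames are all assumptions made for illustration.

```python
import ipaddress
from urllib.parse import urlsplit, urljoin

MAX_REDIRECTS = 3  # assumed limit, not stated on the page
# Constructed sample data: a fake resolver so the example runs offline.
SAMPLE_DNS = {"api.example.test": ["93.184.216.34"], "intranet.example.test": ["10.0.0.5"]}
def sample_resolve(host):
    return SAMPLE_DNS.get(host, [])

def ip_is_blocked(ip_text):
    ip = ipaddress.ip_address(ip_text)
    # Unwrap IPv4-mapped IPv6 (::ffff:127.0.0.1) before classifying.
    if ip.version == 6 and ip.ipv4_mapped:
        ip = ip.ipv4_mapped
    return (ip.is_loopback or ip.is_private or ip.is_link_local
            or ip.is_unspecified or ip.is_multicast or ip.is_reserved)

def check_url(url, resolve):
    """Return None if the URL may be fetched, otherwise a rejection reason."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return "scheme"
    if parts.username is not None or parts.password is not None:
        return "credentials"
    host = (parts.hostname or "").rstrip(".")
    if not host:
        return "host"
    if host == "localhost" or host.endswith(".localhost"):
        return "localhost"
    try:
        addrs = [str(ipaddress.ip_address(host))]  # host is an IP literal
    except ValueError:
        addrs = resolve(host)  # hostname: judge every address it resolves to
    if not addrs or any(ip_is_blocked(a) for a in addrs):
        return "address"
    return None

def check_redirects(start, locations, resolve):
    """Re-validate every hop; `locations` are successive Location header values."""
    current = start
    for hop, loc in enumerate([None] + list(locations)):
        if hop > MAX_REDIRECTS:
            return "too many redirects"
        if loc is not None:
            current = urljoin(current, loc)  # resolve relative redirects
        reason = check_url(current, resolve)
        if reason:
            return f"hop {hop}: {reason}"
    return None
```

A fetcher using a check like this should connect to the exact address that was vetted rather than resolving the hostname a second time, otherwise a DNS answer that changes between check and connect bypasses it.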
Responsible disclosure
Report security issues through GitHub Security Advisories. The same contact path is published in /.well-known/security.txt.
Do not send secrets, live credentials, wallet keys, seed phrases, private customer data, or exploit payloads beyond what is needed to describe the issue safely.