Commit graph

1 commit

Author: Petr Simecek
SHA1: f593a151fc
Message:
docs(security): add padak-security.md audit report (#35)
* docs(security): add padak-security.md — full audit report from 2026-04-22

Four-agent audit (secrets/SQLi/authz/SSRF, auth flows, UI wiring, data layer)
deduped into one document. Top 5 to fix first, second/third/fourth tier by
real exploitability, verified non-issues so we don't re-open them, and
coverage gaps where automated scanners / pytest / Jira connector / infra
were not touched.

Missing /auth/password/reset is already tracked in
padak/keboola_agent_cli#206; other top items (script sandbox RCE,
rate-limit, backslash open-redirect, SSRF) still need their own issues.

* docs(security): rephrase methodology description

Replace "four parallel agents" with "parallel review passes over four scope
areas" — same meaning, removes the overlap with agentic-AI terminology.
Date: 2026-04-22 16:31:13 +02:00