canonical
Get started
Audits

Security work,in the open.

The threat model, internal review notes, and audit preparation live in the repository — versioned next to the code they describe.

What's published

Three kinds of material under docs/audits.

Threat model

The daemon-first boundary model every review assumes — read it first; findings make sense against it.

Internal reviews

Pre-production manual review notes and candidate-vulnerability audits of the core runtime.

External audit prep

The standing request template and evidence package for third-party auditors.

The standing rule

No production release without external audit.

It's written into the project plan as a hard constraint. Release gates also ship every bundle with checksums, an SBOM, and build provenance — so what auditors review is provably what you download.