This document outlines the security practices for Andor.
Andor is a VS Code extension that:
- Runs AI models via Puter.js API
- Has access to your workspace files
- Can execute terminal commands
- Can read and write files
VS Code Extension → Puter API (HTTPS) → AI Model Response
        ↓
File System Operations
Terminal Commands
- Puter tokens are stored securely in VS Code's secret storage
- Tokens are never logged or exposed
- Tokens are only sent to Puter's API endpoints
- Andor only accesses files when explicitly requested by the AI
- File operations are logged in the extension host
- No files are sent to external services except through Puter API
- Terminal commands run in the integrated terminal
- Commands are visible in the terminal history
- No hidden or background execution
- Code snippets are sent to Puter's AI models
- Context files are included when relevant
- Note: Review Puter's privacy policy for data handling
- AI can suggest and run terminal commands
- Commands execute with your user permissions
- Recommendation: Review suggested commands before execution
- AI can write to any file in your workspace
- No sandboxing for file operations
- Recommendation: Use checkpoints to revert changes
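
One way to enforce the token statements above (never logged, sent only to Puter's API endpoints) is a destination check before the token is attached, plus log redaction. This is an added example, not Andor's own code; the host `api.puter.example`, the `Bearer` header form, the sample token and all function names are assumptions.

```javascript
// Added example, not Andor's code. Host and token values are constructed placeholders.
const ALLOWED_HOSTS = new Set(["api.puter.example"]); // placeholder, not a real endpoint

// Returns true only for https URLs whose exact host is on the allowlist.
function isAllowedEndpoint(rawUrl) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch {
    return false; // unparsable input never receives the token
  }
  if (url.protocol !== "https:") return false; // no plaintext transport
  // Rejects userinfo tricks such as https://api.puter.example@other.test/
  if (url.username || url.password) return false;
  // Policy choice in this example: default HTTPS port only
  if (url.port !== "") return false;
  // Exact host match; a suffix or substring test would accept
  // api.puter.example.other.test
  return ALLOWED_HOSTS.has(url.hostname);
}

// Builds request headers; the token is attached only after the destination check.
function buildHeaders(rawUrl, token) {
  if (!isAllowedEndpoint(rawUrl)) {
    throw new Error("refusing to send token to non-allowlisted destination");
  }
  return { Authorization: `Bearer ${token}` }; // header form is an assumption
}

// Replaces every occurrence of the token in a message before it is logged.
function redact(message, token) {
  if (!token) return message;
  return message.split(token).join("[REDACTED]");
}
```
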
If you discover a security vulnerability, please report it privately:
- Email: johnmuthee547@gmail.com
- Private Issue: Create a draft PR or private issue on GitHub
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any proof-of-concept code
- We aim to respond within 48 hours
- Critical issues will be prioritized
- We'll coordinate disclosure timelines
- Review AI Suggestions: Always review code changes before applying
- Use Checkpoints: Create checkpoints before major operations
- Monitor Terminal: Watch terminal command execution
- Secure Your Account: Use a strong Puter password
- Regular Updates: Keep the extension updated
- Principle of Least Privilege: Only request necessary permissions
- Input Validation: Validate all user inputs
- Secure Storage: Use VS Code's secure storage for secrets
- Audit Logs: Log sensitive operations for debugging
- Regular Security Reviews: Review code for security issues
- Checkpoints: Automatic state snapshots for easy rollback
- Command Visibility: All terminal commands are visible
- Edit History: Track all file modifications
- Error Handling: Graceful failure with error messages
- Model Selection: Choose which AI model to use
- Context Control: See which files are included in context
- Manual Approval: Review changes before applying
- Revert Capability: Undo any changes made by the AI
- Purpose: AI model API and authentication
- Data Handling: Review Puter Privacy Policy
- Security: HTTPS encrypted connections
- Authentication: Token-based auth with secure storage
- Security issues are triaged immediately
- Patches are developed and tested
- Updates are released as soon as possible
- Security advisories are published
- Updates will be announced in the changelog
- Critical issues may trigger automatic update notifications
- Follow @mutheejohnke for security announcements
We welcome security contributions:
- Security audits
- Vulnerability reports
- Security feature suggestions
- Documentation improvements
See CONTRIBUTING.md for general contribution guidelines.
This security policy is licensed under the MIT License, same as the project.
Thank you for helping keep Andor secure! 🛡️