Security And Adoption Boundary

Use this page when you need a short audit-facing answer about AGILAB adoption, security reporting, and hardening. It does not replace SECURITY.md; the repository security policy remains the source of truth for coordinated vulnerability disclosure.

Vulnerability reporting

Do not use public GitHub issues, discussions, pull requests, or comments for suspected vulnerabilities.

Use GitHub Private Vulnerability Reporting when it is available for the repository. If that private channel is unavailable to you, ask the maintainers for a private AGILAB security intake channel without sharing exploit details publicly. Share reproduction steps, exploit details, secrets, or sensitive logs only after a private channel has been confirmed.

Public GitHub issues are for non-sensitive product bugs, support questions, and post-fix follow-up only.

Adoption boundary

AGILAB is a trusted-operator experimentation workbench. It can install apps, generate and execute Python snippets, launch worker environments, orchestrate local or distributed runs, and optionally start UI, tracking, or local-model tooling. Treat apps, notebooks, generated snippets, and external app repositories as executable code until they have been reviewed.

Decision	Fit	Minimum controls
Go for controlled evaluation	Local research sandbox, internal demo, notebook-to-app migration, and reproducible validation with non-sensitive data.	Normal repository hygiene, one local first proof, and evidence under ~/log/execute.
Go conditionally for shared teams	Shared workstation, internal cluster, external apps repository, LLM connector, or sensitive business data.	Per-user isolation, explicit secrets management, TLS/auth for exposed services, app-repository allowlist and immutable pinning, SBOM plus vulnerability scan evidence, bounded resources, and a deployment threat model.
No-go as a standalone production platform	Public Streamlit exposure, open multi-tenant service, regulated production model serving, enterprise governance, online monitoring, drift detection, or sole MLOps control plane.	Pair AGILAB with a hardened production stack such as MLflow, Kubeflow, SageMaker, Dagster, Airflow, or an internal platform.

Operational checks

Before moving beyond a single-user proof, archive the profile-specific security and supply-chain evidence for the environment you will actually deploy:

uv --preview-features extra-build-dependencies run agilab security-check --profile shared --json > security-check.json
uv --preview-features extra-build-dependencies run python tools/profile_supply_chain_scan.py --profile all --run

Use strict mode when missing controls must fail the gate:

AGILAB_SECURITY_CHECK_STRICT=1 \
uv --preview-features extra-build-dependencies run python tools/workflow_parity.py --profile security-adoption

For public release evidence, use Release Proof. Treat it as bounded release evidence, not production certification for every remote cluster, GPU/cloud stack, private app repository, security posture, or long-running operation.

See also

• SECURITY.md in the GitHub repository for the coordinated disclosure policy.

• Quick-Start for the local first-proof route.

• Environment Variables for secret and UI bind environment variables.

• AGILab in the MLOps Toolchain for the production MLOps boundary.