Please do not open a public GitHub issue with exploit details.

Email bguan@fiu.edu with a description, reproduction steps, and any suggested fix. We aim to acknowledge reports within 5 business days.

AgentLoom is an authoring-time governance framework (KG validators, propose-review workflow, dashboard). It does not ship production credentials. Deployers using AgentLoom Runtime separately should follow that repo's security guidance for database and API keys.