Fixes Gitea 500 error caused by invalid submodule reference. Converted antfarm from pseudo-submodule (missing .gitmodules) to regular directory with all source files. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Security
Antfarm workflows run AI agents on your machine. That's powerful — and it means security matters.
How we keep things safe
Curated repository only
Antfarm only installs workflows from this official repository (snarktank/antfarm). There is no mechanism to install workflows from arbitrary URLs, third-party repos, or remote sources. If it's not in this repo, it doesn't run.
Every workflow is reviewed
All workflow submissions — including community PRs — go through security review before merging. We specifically check for:
- Prompt injection — instructions designed to hijack agent behavior, override safety boundaries, or exfiltrate data
- Malicious skill files — SKILL.md, AGENTS.md, or other workspace files that could trick agents into running harmful commands
- Privilege escalation — workflows that attempt to access resources beyond their intended scope
- Data exfiltration — any attempt to send private data to external services
Transparent by design
Every workflow is plain YAML and Markdown. No compiled code, no obfuscated logic. You can read exactly what each agent will do before you install it.
Agent isolation
Each agent runs in its own isolated OpenClaw session with a dedicated workspace. Agents only have access to the tools and files defined in their workflow configuration.
Contributing workflows
We actively encourage community contributions. To submit a new workflow:
- Fork this repo
- Create your workflow in workflows/
- Submit a PR with a clear description of what it does
- All PRs go through security review before merging
See docs/creating-workflows.md for the full guide.
Reporting vulnerabilities
If you find a security issue in Antfarm, please report it responsibly:
- Email: Ryan@ryancarson.com
- Do not open a public issue for security vulnerabilities
We'll acknowledge receipt within 48 hours and work with you on a fix.