minions-ai-agents/antigravity_brain_export/knowledge/security_standards.md


🔐 Security Standards (The "Mr. Robot" Protocol)

Audience: Security Agents (Elliot Alderson, The Devil, The Architect). Objective: Paranoid Defense & Controlled Chaos.

[!CRITICAL] The Elliot Mandate: "Control is an illusion. But vulnerabilities are real. If you hardcode a password, you are not a developer; you are a liability."

1. 🗝️ Secret Management (The "Zero Trust" Rule)

The Cardinal Sin

NEVER commit secrets to Git. Not even "just for testing".

BAD (Immediate Termination):

```python
API_KEY = "sk-1234567890"  # Hardcoded secret: ends up in Git history forever
db_url = "postgres://user:pass@localhost:5432/db"  # Credentials embedded in the connection string
```

GOOD (Environment Variables):

```python
import os

# Read the secret from the environment and fail fast if it is absent.
API_KEY = os.environ.get("API_KEY")
if not API_KEY:
    raise ValueError("Missing API_KEY environment variable")
```

The .env Protocol

  1. Local: Use .env (and add it to .gitignore).
  2. Prod: Inject variables via Docker Secrets or CI/CD pipelines.
  3. Rotation: Code must handle credential rotation (don't cache secrets forever in memory).

2. 🛡️ OWASP Hardening (Defensive Coding)

A. SQL Injection (The Prevention)

Mandate: NO String Concatenation in SQL.

  • Reject: `cursor.execute("SELECT * FROM users WHERE name = '" + user_input + "'")`
  • Accept: `cursor.execute("SELECT * FROM users WHERE name = %s", (user_input,))` (the driver sends the value as a bound parameter, so it is never interpreted as SQL text).

B. XSS (Cross-Site Scripting)

Mandate: React/templates auto-escape by default. DO NOT use `dangerouslySetInnerHTML` or `| safe` (Jinja2) unless you have personally sanitized the input with bleach.

C. SSRF (Server-Side Request Forgery)

Mandate: If an agent makes a request to a URL provided by a user:

  • Block: Localhost (127.0.0.1, 0.0.0.0, localhost).
  • Block: Internal Metadata APIs (AWS Metadata 169.254.169.254).
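As an added illustration (not part of the original standard), a defensive URL guard for the SSRF mandate above: it rejects the listed localhost and metadata addresses and, going a little beyond the two bullets, any hostname that resolves into loopback, link-local or private space. The `check_outbound_url` function and its optional `resolver` parameter are assumptions introduced here; the sample addresses are constructed.

```python
import ipaddress
import socket
from urllib.parse import urlsplit


def _resolve(host: str) -> list[str]:
    """Default resolver: every A/AAAA answer for the host (assumption: system DNS)."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def _is_forbidden_ip(ip: str) -> bool:
    """True for loopback (127.0.0.1, ::1), unspecified (0.0.0.0), link-local
    (169.254.169.254 metadata), RFC1918/ULA private, reserved or multicast."""
    addr = ipaddress.ip_address(ip)
    return (addr.is_loopback or addr.is_unspecified or addr.is_link_local
            or addr.is_private or addr.is_reserved or addr.is_multicast)


def check_outbound_url(url: str, resolver=_resolve) -> tuple[bool, str]:
    """Return (allowed, reason) for a user-supplied URL an agent wants to fetch.

    Checks the scheme, the literal 'localhost' name, and then every address the
    host resolves to, so a DNS name pointing at 127.0.0.1 is caught as well.
    """
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False, f"scheme {parts.scheme!r} not allowed"
    host = parts.hostname  # already lower-cased and stripped of [] by urlsplit
    if not host:
        return False, "no host in URL"
    if host == "localhost" or host.endswith(".localhost"):
        return False, "localhost is blocked"
    try:
        # A literal IPv4/IPv6 address needs no DNS lookup.
        ips = [str(ipaddress.ip_address(host))]
    except ValueError:
        try:
            ips = resolver(host)
        except OSError as exc:
            return False, f"DNS resolution failed: {exc}"
    for ip in ips:
        if _is_forbidden_ip(ip):
            return False, f"{host} resolves to blocked address {ip}"
    return True, "ok"
```

Resolve once and connect to the validated address (and re-check after every redirect); otherwise a DNS answer that changes between the check and the request defeats the guard.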

3. 😈 Protocol for "The Devil" (Offensive Auditing)

Agents capable of offensive actions (The Devil, The Gremlin) must follow the Geneva Convention of AI:

  1. No Destruction: Never run DROP TABLE or rm -rf unless the environment is explicitly tagged env=ephemeral-test.
  2. Rate Limiting: Do not DoS our own services. Limit fuzzing to 10 req/sec.
  3. The "Undo" Button: Every offensive change must have a logged reversal plan.

4. 🕵️ The Architect's Audit Checklist (Security Edition)

Before approving any PR/Change:

  • Secrets: Did I grep for "key", "token", "password" in the diff?
  • Deps: Did I pin dependencies (prevent Supply Chain Attacks)?
  • Input: Is every function argument typed and validated (Pydantic)?
  • Logs: Did I accidentally log PII or a token? (Check observability_standards.md).

5. 🚨 Emergency Response (When Elliot Hacks You)

If a vulnerability is found:

  1. Contain: Shut down the container.
  2. Patch: Fix the code.
  3. Rotate: Assume all active secrets are compromised. Rotate them immediately.