Hive is a local development tool for coordinating CLI agents. It is not a hosted service and does not provide a multi-user security boundary.

Use GitHub private vulnerability reporting for tt-a1i/hive whenever it is available. Do not paste exploit details, tokens, terminal logs, private workspace paths, or reproduction scripts into a public issue.

If private reporting is temporarily unavailable, open a minimal public issue with the title Security contact request and no technical details; a maintainer will provide a private contact path before triage continues.

Expected response during public preview:

• Initial maintainer response: best effort within 7 days.
• Public disclosure or changelog entry: after a fix is available, or earlier when the issue does not expose users to practical exploitation.

Please include:

• Hive version or commit SHA.
• Operating system and Node.js version.
• Whether the issue affects the local runtime, packaged install, web UI, PTY process handling, or the injected team command.
• A minimal reproduction when it is safe to share.

• Hive binds to 127.0.0.1 by default. Do not expose the runtime port to the internet or to an untrusted network.
• Built-in presets may pass each CLI's non-interactive or bypass flag so worker agents can continue without manual permission prompts.
• Treat workers as able to run arbitrary shell commands with the permissions of the user account that launched Hive.
• Only open trusted workspaces. Hive intentionally gives agents access to the selected workspace so they can edit files and run project commands.
• Agent tokens are generated by the local runtime, injected into agent process environments, and intended only for local agent-to-runtime calls.
• The browser UI token is a same-machine session guard. It is not designed to protect Hive from other processes already running as the same OS user.
• Do not paste Hive agent tokens, terminal output, or workspace logs into public reports if they include private repository or machine details.

• Running Hive as a shared server for multiple users.
• Exposing Hive through a public tunnel or reverse proxy.
• Operating Hive as a hardened production service.
• Sandboxing third-party CLI agents beyond the controls provided by those CLIs.