2.6 KiB
Security & Privacy
Network Activity
Agent Teams makes zero outbound network calls to third-party servers. There is no telemetry, analytics, tracking, or data exfiltration of any kind.
| Network activity | When | Mode | User-initiated |
|---|---|---|---|
| GitHub Releases API (auto-updater) | App launch | Electron only | No (automatic) |
| SSH connections | Settings > SSH | Electron only | Yes |
HTTP server (127.0.0.1 or 0.0.0.0) |
When enabled | Both | Yes |
Standalone / Docker mode
In standalone mode (Docker or node dist-standalone/index.cjs), the auto-updater and SSH features are disabled entirely. The only network activity is the HTTP server listening for incoming connections on the configured port.
Data Handling
- All session data is read locally from
~/.claude/— it never leaves your machine. - The app does not write to session files. Volume mounts in Docker use
:ro(read-only) by default. - Configuration is stored at
~/.claude/agent-teams-config.jsonon the local filesystem. - No data is sent to Anthropic, GitHub (other than the auto-updater in Electron mode), or any other third party.
Docker Network Isolation
For maximum trust, run the Docker container with --network none:
docker build -t agent-teams-ai -f docker/Dockerfile .
docker run --network none -p 3456:3456 -v ~/.claude:/data/.claude:ro agent-teams-ai
Or with Docker Compose, uncomment network_mode: "none" in docker/docker-compose.yml.
IPC & Input Validation
- Electron IPC and standalone HTTP handlers validate IDs, paths, and payloads at the boundary
- Project editing and write operations are constrained to the selected project root
- Read-only discovery may access local Claude data under
~/.claude/and app-owned state paths when needed - Path traversal attacks are blocked
- Sensitive config and credential-like paths are rejected or treated as protected targets
Supported Versions
Only the latest release is supported with security fixes.
Reporting a Vulnerability
Please report vulnerabilities privately and do not open public issues for undisclosed security problems.
Include:
- affected version/commit
- vulnerability description
- impact assessment
- reproduction steps or proof of concept
If you do not have a private contact path yet, open a minimal GitHub issue asking for a secure reporting channel without disclosing technical details.
Disclosure Process
- We will acknowledge reports as quickly as possible.
- We will validate, triage severity, and prepare a fix.
- We will coordinate a release and publish advisories when appropriate.