diff options
| -rw-r--r-- | SECURITY.md | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/SECURITY.md b/SECURITY.md index 3a653d01c..93c7341ce 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -24,6 +24,7 @@ Server mode is opt-in only. When enabled, set `OPENCODE_SERVER_PASSWORD` to requ | **Sandbox escapes** | The permission system is not a sandbox (see above) | | **LLM provider data handling** | Data sent to your configured LLM provider is governed by their policies | | **MCP server behavior** | External MCP servers you configure are outside our trust boundary | +| **Malicious config files** | Users control their own config; modifying it is not an attack vector | --- |