MLIS is a reference implementation and local-first demo of ML inference platform control-plane patterns. It is not currently offered with production security support or SLA.
Please open a private security advisory on GitHub if available, or contact the maintainer through the repository profile.
Include:
- affected component
- reproduction steps
- expected impact
- whether credentials, tenant isolation, worker identity, or artifact access are involved
Security-sensitive areas include:
- JWT authentication and authorization
- tenant isolation
- worker registration and worker JWTs
- dispatch token validation
- job and artifact access control
- audit event emission
- Kubernetes and Docker deployment templates
Values in .env.example, tests, and README examples are local development placeholders only. Do not reuse demo secrets in shared or production environments.