Skip to content

Security: chendbox/mlis

Security

SECURITY.md

Security Policy

MLIS is a reference implementation and local-first demo of ML inference platform control-plane patterns. It is not currently offered with production security support or SLA.

Reporting a Vulnerability

Please open a private security advisory on GitHub if available, or contact the maintainer through the repository profile.

Include:

  • affected component
  • reproduction steps
  • expected impact
  • whether credentials, tenant isolation, worker identity, or artifact access are involved

Scope

Security-sensitive areas include:

  • JWT authentication and authorization
  • tenant isolation
  • worker registration and worker JWTs
  • dispatch token validation
  • job and artifact access control
  • audit event emission
  • Kubernetes and Docker deployment templates

Local Secrets

Values in .env.example, tests, and README examples are local development placeholders only. Do not reuse demo secrets in shared or production environments.

There aren't any published security advisories