Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.
Instead, use one of the following private channels:
- GitHub private vulnerability reporting (preferred for this repo). Go to the Security tab of this repository and click "Report a vulnerability". This opens a private advisory visible only to you and the maintainers.
- UiPath Bug Bounty / HackerOne. For UiPath's coordinated disclosure program, report through HackerOne or email hackerone@uipath.com.
- UiPath Trust. For other security or trust queries, use trust.uipath.com or email trust@uipath.com.
Please include as much of the following as you can:
- A description of the vulnerability and its impact.
- Steps to reproduce (proof-of-concept, affected version/commit, configuration).
- The component involved (e.g. sandbox/agent execution,
agent_judgecriterion, Docker isolation layer, telemetry). - Any suggested remediation.
- We will acknowledge your report within 5 business days.
- We will provide an assessment and expected timeline for a fix, and keep you informed of progress.
- We will credit you in the advisory once a fix is released, unless you prefer to remain anonymous.
Please give us a reasonable opportunity to remediate before any public disclosure (coordinated disclosure).
coder_eval executes AI-coding-agent output and evaluator-authored commands. A
few areas are security-sensitive by design and are the most valuable to review:
- Sandbox / agent execution — agents run shell commands; isolation is provided by the Docker driver and the sandbox layer.
agent_judgecriterion — spawns a Claude Code SDK agent with tool access using evaluator credentials; treat its inputs as a trust boundary.- Telemetry — anonymous usage telemetry is emitted to an Application Insights
resource; it is on by default and can be disabled with
TELEMETRY_ENABLED=false(see the User Guide).
This project is pre-1.0; security fixes are applied to the latest release on the
main branch. There is no long-term support for older versions.