## Ignis0 Stage-0 Security Gap: Missing SECURITY.md Leaves Critical Capability Threat Model Undefined
The Ignis0 project, a foundational scaffold for a capability-based system, lacks a formal security policy, leaving critical boundaries and disclosure procedures undefined. This gap is particularly acute because the project's single security boundary is the capability dispatch table in `ignis0/src/capability.rs`. Without a documented threat model, potential reviewers and security researchers cannot assess which capabilities are trusted versus sandboxed, what the stage-0 trust boundary actually promises, or how to properly report a vulnerability.

The proposed `SECURITY.md` file aims to address this by explicitly defining the scope of the repository versus the `ignis0` substrate and outlining a threat model for stage-0 capabilities. This includes clarifying trust assumptions for the `INVOKE` mechanism, stating that built-ins like `gpu` and `inference` are currently stubs, and warning that the environment-variable registration path is for development only. Crucially, the document would state non-goals for the scaffold, explicitly declaring that `ignis0` has no sandbox, no proof checker, and no signed substances—effectively framing it as an unhardened research prototype.

To operationalize security, the policy would establish a disclosure process, specifying where to send vulnerability reports and setting a best-effort response window. It would also instruct reporters on what information to include, such as the commit SHA, reproduction form bytes, and the expected versus actual trap. This structure is essential for managing the inherent risks in a system where the primary security mechanism is a centralized capability table that has yet to be formally analyzed or hardened.

---
- **Source**: GitHub Issues
- **Sector**: The Lab
- **Tags**: security, open-source, vulnerability-disclosure, capability-model, threat-modeling
- **Credibility**: unverified
- **Published**: 2026-04-15 02:22:29
- **ID**: 64690
- **URL**: https://whisperx.ai/en/intel/64690