Skip to content

Security: jfrog/devin-plugin

Security

SECURITY.md

Security

Reporting a vulnerability

Please report security issues responsibly so we can address them before public disclosure.

Include steps to reproduce, affected versions or commits, and impact if known.

Scope

This repository ships a Devin CLI plugin (skills; MCP and Agent Guard configuration in later releases).

Do not commit secrets, API keys, or credentials. Skill runtime data under **/local-cache/ must not be checked into git.

There aren't any published security advisories