-
Notifications
You must be signed in to change notification settings - Fork 7
Issues
is:issue state:open
is:issue state:open
Issue creation is restricted in this repository
Search results
Skill Builder: Edit button clipped off-screen when a skill's name + description are long
bugSomething isn't workingSomething isn't workingStatus: Open.#261 In initializ/forge;Multimodal (image/document) input: forward A2A file/data parts to the model instead of silently dropping them
enhancementNew feature or requestNew feature or requestforge-coreAffects the forge-core library (runtime, security, types, llm, mcp, auth)Affects the forge-core library (runtime, security, types, llm, mcp, auth)Status: Open.#255 In initializ/forge;Skill Builder (UI/TUI): adopt conversational interview + convergence architecture and structured-JSON output
documentationImprovements or additions to documentationImprovements or additions to documentationenhancementNew feature or requestNew feature or requestStatus: Open.#252 In initializ/forge;Skill-relative file resolution: read referenced markdown and execute referenced scripts (sh/py/js) from a skill's own directory
enhancementNew feature or requestNew feature or requestforge-cliAffects the forge-cli command-line tool (init, run, build, mcp commands)Affects the forge-cli command-line tool (init, run, build, mcp commands)forge-coreAffects the forge-core library (runtime, security, types, llm, mcp, auth)Affects the forge-core library (runtime, security, types, llm, mcp, auth)toolsAffects builtin or adapter tools (cli_execute, http_request, browser, etc.)Affects builtin or adapter tools (cli_execute, http_request, browser, etc.)Status: Open.#251 In initializ/forge;[ASI07] Inbound SPIFFE auth provider — JWT-SVID + X.509-SVID mTLS, validate against SPIRE trust bundle, authorize by SPIFFE ID (K8s)
asi07OWASP ASI07OWASP ASI07forge-coreAffects the forge-core library (runtime, security, types, llm, mcp, auth)Affects the forge-core library (runtime, security, types, llm, mcp, auth)owasp-asiOWASP Top 10 for Agentic Applications 2026 conformanceOWASP Top 10 for Agentic Applications 2026 conformanceplatformInitializ Platform (governance control plane) responsibilityInitializ Platform (governance control plane) responsibilitysecuritySecurity vulnerability fixesSecurity vulnerability fixesStatus: Open.#240 In initializ/forge;[audit-signing] Certifier client interface — default local (env key), SPIFFE Workload API backend (SPIRE/KMS-rooted, K8s)
asi10OWASP ASI10OWASP ASI10forge-coreAffects the forge-core library (runtime, security, types, llm, mcp, auth)Affects the forge-core library (runtime, security, types, llm, mcp, auth)owasp-asiOWASP Top 10 for Agentic Applications 2026 conformanceOWASP Top 10 for Agentic Applications 2026 conformanceplatformInitializ Platform (governance control plane) responsibilityInitializ Platform (governance control plane) responsibilitysecuritySecurity vulnerability fixesSecurity vulnerability fixesStatus: Open.#239 In initializ/forge;[ASI02] Platform-layer denied_command_patterns — operator-authored, org-wide command denial across all skills
asi02OWASP ASI02OWASP ASI02forge-coreAffects the forge-core library (runtime, security, types, llm, mcp, auth)Affects the forge-core library (runtime, security, types, llm, mcp, auth)owasp-asiOWASP Top 10 for Agentic Applications 2026 conformanceOWASP Top 10 for Agentic Applications 2026 conformanceplatformInitializ Platform (governance control plane) responsibilityInitializ Platform (governance control plane) responsibilitysecuritySecurity vulnerability fixesSecurity vulnerability fixesStatus: Open.#238 In initializ/forge;[ASI02] cli_execute workDir path confinement — reads escape to /etc/passwd (GAP-PATH)
asi02OWASP ASI02OWASP ASI02asi05OWASP ASI05OWASP ASI05forge-coreAffects the forge-core library (runtime, security, types, llm, mcp, auth)Affects the forge-core library (runtime, security, types, llm, mcp, auth)owasp-asiOWASP Top 10 for Agentic Applications 2026 conformanceOWASP Top 10 for Agentic Applications 2026 conformancesecuritySecurity vulnerability fixesSecurity vulnerability fixesStatus: Open.#235 In initializ/forge;[ASI05] Dependency-lockfile-poisoning guard (low) — close ASI05 residual
asi05OWASP ASI05OWASP ASI05forge-coreAffects the forge-core library (runtime, security, types, llm, mcp, auth)Affects the forge-core library (runtime, security, types, llm, mcp, auth)owasp-asiOWASP Top 10 for Agentic Applications 2026 conformanceOWASP Top 10 for Agentic Applications 2026 conformancesecuritySecurity vulnerability fixesSecurity vulnerability fixesStatus: Open.#234 In initializ/forge;[ASI08] Blast-radius quotas + circuit breaker (planner/executor) — close ASI08 #7
asi08OWASP ASI08OWASP ASI08forge-coreAffects the forge-core library (runtime, security, types, llm, mcp, auth)Affects the forge-core library (runtime, security, types, llm, mcp, auth)owasp-asiOWASP Top 10 for Agentic Applications 2026 conformanceOWASP Top 10 for Agentic Applications 2026 conformancesecuritySecurity vulnerability fixesSecurity vulnerability fixesStatus: Open.#233 In initializ/forge;[ASI03] Task-scoped short-lived tokens per invocation — close ASI03 #1
asi03OWASP ASI03OWASP ASI03forge-coreAffects the forge-core library (runtime, security, types, llm, mcp, auth)Affects the forge-core library (runtime, security, types, llm, mcp, auth)owasp-asiOWASP Top 10 for Agentic Applications 2026 conformanceOWASP Top 10 for Agentic Applications 2026 conformanceplatformInitializ Platform (governance control plane) responsibilityInitializ Platform (governance control plane) responsibilitysecuritySecurity vulnerability fixesSecurity vulnerability fixesStatus: Open.#232 In initializ/forge;[ASI02] MCP tool-name pinning / typosquat-resistant resolution — close ASI02 #7
asi02OWASP ASI02OWASP ASI02forge-coreAffects the forge-core library (runtime, security, types, llm, mcp, auth)Affects the forge-core library (runtime, security, types, llm, mcp, auth)owasp-asiOWASP Top 10 for Agentic Applications 2026 conformanceOWASP Top 10 for Agentic Applications 2026 conformancesecuritySecurity vulnerability fixesSecurity vulnerability fixesStatus: Open.#231 In initializ/forge;