Security

Public payloads are treated as world-readable and mirrorable.

Armory packages can be consumed by Omegon and by other agent runtimes in degraded form. That means package metadata, memory facts, manifests, and examples may become prompt context in downstream tools. Publication gates therefore lint the public package surface before release.

Linted risks

Policy

The scanner is configured by security/public-payload-lint.toml. Public Armory keeps this policy strict. Private or federated Armories should carry their own deny terms for local topology.
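
The following Python example is added here for illustration and is not Armory's scanner or its policy format: it shows the kind of deny-term check a private Armory could run over its public package surface. The policy keys, rule names, and sample files are constructed assumptions, and matches are redacted so the lint report does not repeat the leak.

```python
import re
from ipaddress import ip_address

# Constructed policy: the schema of security/public-payload-lint.toml is not
# shown on the page, so these keys and values are assumptions.
POLICY = {
    "deny_terms": ["build-host-7"],      # local topology names
    "deny_suffixes": [".internal"],      # private DNS zones
}
# Constructed sample payload: {path: text} for files that would be published.
SAMPLE = {
    "manifest.toml": 'name = "demo"\nregistry = "https://build-host-7.internal/v2"\n',
    "memory/facts.md": "Deploy target is 10.0.4.12\nPublic resolver 8.8.8.8 is fine\n",
}
IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
HOST = re.compile(r"\b[a-z0-9-]+(?:\.[a-z0-9-]+)+\b", re.I)


def _redact(text):
    """Keep two characters so the lint report does not repeat the leak."""
    return text[:2] + "*" * (len(text) - 2)


def lint_line(line, policy):
    """Return (rule, redacted_match) pairs for one line of payload text."""
    hits = []
    for term in policy["deny_terms"]:
        if term.lower() in line.lower():
            hits.append(("deny-term", _redact(term)))
    for host in HOST.findall(line):
        if host.lower().endswith(tuple(policy["deny_suffixes"])):
            hits.append(("private-hostname", _redact(host)))
    for candidate in IPV4.findall(line):
        try:
            if ip_address(candidate).is_private:
                hits.append(("private-ip", _redact(candidate)))
        except ValueError:
            pass  # digits that are not a valid address, e.g. 999.1.1.1
    return hits


def lint_payload(files, policy=POLICY):
    """Scan {path: text}; return sorted (path, line_no, rule, redacted) findings."""
    findings = []
    for path, text in files.items():
        for no, line in enumerate(text.splitlines(), 1):
            findings += [(path, no, r, m) for r, m in lint_line(line, policy)]
    return sorted(findings)
```

A release gate built this way would fail publication whenever `lint_payload` returns a non-empty list.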

Why this matters

A leak in Armory is not just a website leak. It can propagate into exported instructions, generated project rules, mirrored OCI artifacts, model context windows, and downstream agent summaries.
