Security: jorgec020585/claude-agent-builder

SECURITY.md

Security Policy

Reporting a Vulnerability

If you discover a security vulnerability in Claude Agent Builder, please report it responsibly:

  1. Do not open a public issue
  2. Email: security@8mstudio.com
  3. Include a description of the vulnerability and steps to reproduce

We will respond within 48 hours and work with you to address the issue.

Scope

This project generates configuration files for Claude Code agents. Security considerations include:

  • Hook scripts: Agent Builder may generate shell scripts. Always review generated hook scripts before running them.
  • Tool permissions: Generated agents may request broad tool access. Review the tools field in generated agent files.
  • MCP server configs: Generated configs may include API keys or tokens. Never commit secrets to version control.

Best Practices

When using agents generated by this tool:

  1. Review all generated files before installing
  2. Use the validate_agents.py script to check for common issues
  3. Start with restrictive tool permissions and expand as needed
  4. Use hooks to add safety guardrails for dangerous operations
  5. Never use bypassPermissions mode in production
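A pre-install review pass over generated output could look like the sketch below. It is an added example, not the project's validate_agents.py and not code from this repository. It assumes agent files carry a frontmatter block with a comma-separated tools field and that MCP configs are JSON with mcpServers and env keys; the BROAD_TOOLS list, function names and sample inputs are constructed for illustration.

```python
import json
import re

# Assumed formats (not taken from this project): agent files start with a
# "---" frontmatter block; MCP configs are JSON with an "mcpServers" object.
BROAD_TOOLS = {"Bash", "Write", "Edit", "WebFetch"}  # hypothetical review list
ENV_REF = re.compile(r"^\$\{[A-Za-z_][A-Za-z0-9_]*(:-[^}]*)?\}$")

SAMPLE_AGENT = """---
name: deploy-helper
description: constructed sample agent
tools: Read, Grep, Bash
permissionMode: bypassPermissions
---
You deploy things.
"""
SAMPLE_MCP = json.dumps({"mcpServers": {"tracker": {
    "command": "npx",
    "env": {"API_KEY": "CONSTRUCTED-LITERAL-VALUE", "REGION": "${REGION}"},
}}})


def review_agent(text):
    """Return review findings for one generated agent file."""
    findings = []
    match = re.match(r"^---\n(.*?)\n---", text, re.S)
    front = match.group(1) if match else ""
    pairs = (line.split(":", 1) for line in front.splitlines() if ":" in line)
    fields = {k.strip(): v.strip() for k, v in pairs}
    if "tools" not in fields:
        findings.append("no tools field: agent is not restricted to a tool list")
    else:
        tools = {t.strip() for t in fields["tools"].split(",")}
        for tool in sorted(tools & BROAD_TOOLS):
            findings.append(f"broad tool requested: {tool}")
    if "bypassPermissions" in text:
        findings.append("bypassPermissions referenced")
    return findings


def review_mcp(text):
    """Return server.key names whose env value is a literal, not a ${VAR} reference."""
    literal = []
    for server, spec in json.loads(text).get("mcpServers", {}).items():
        for key, value in spec.get("env", {}).items():
            if not ENV_REF.match(str(value)):
                literal.append(f"{server}.{key}")
    return literal
```

Literal env values are listed for manual review rather than classified as secrets, so a harmless literal will also appear and should be dismissed by the reviewer.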

There aren’t any published security advisories