KrakenD AI Assistant is a Claude Code plugin that provides Skills and an Architecture Agent for KrakenD configuration assistance. The plugin automatically manages the KrakenD MCP Server, which runs locally on your machine.

We recommend always using the latest version from the main branch for the most up-to-date security fixes.

Please do not report security vulnerabilities through public GitHub issues.

KrakenD takes cybersecurity seriously and follows a responsible disclosure process. We appreciate the security research community's help in keeping our software secure.

Email: [email protected]

• Include "KrakenD AI Assistant Security" in the subject line
• Provide detailed information about the vulnerability
• KrakenD will acknowledge receipt and provide next steps

When reporting a vulnerability, please include:

• Description of the vulnerability
• Steps to reproduce
• Potential impact
• Suggested fix (if available)
• Your contact information
• Whether you want to be credited for the discovery

We ask security researchers to:

• ✅ Do allow KrakenD time to investigate and fix the issue
• ✅ Do provide detailed reproduction steps
• ✅ Do work with us to understand the impact
• ❌ Don't publish vulnerabilities before fixes are released
• ❌ Don't divulge exploit details or proof-of-concept code publicly
• ❌ Don't test against production systems

1. Acknowledgment: KrakenD acknowledges receipt and begins investigation
2. Verification: Team reproduces and confirms the vulnerability
3. CVE Assignment: Undisclosed CVE ID created if confirmed
4. Fix Development: Patch developed and tested
5. Release: Fix applied to latest version
6. Public Disclosure: Security advisory published via GitHub and newsletters

KrakenD offers non-monetary recognition:

• Credit in CVE ID (if desired)
• Public acknowledgment in release notes
• Addition to KrakenD Contributors GitHub organization
• Opportunity to engage with technical staff
• KrakenD merchandise

We aim to respond within:

• Critical vulnerabilities: 48 hours
• High severity: 1 week
• Medium/Low severity: 2 weeks

Patches will be released as soon as verified and tested.

What the plugin does:

• ✅ Downloads KrakenD MCP Server binary from GitHub Releases
• ✅ Verifies SHA256 checksums before installation
• ✅ Installs to plugin directory (no sudo required)
• ✅ Runs MCP server locally via stdio transport

Installation safety:

• Binary downloaded from official GitHub Releases only
• Checksum verification ensures integrity
• No elevated privileges needed
• No modifications outside plugin directory

The underlying MCP server security details are documented in the MCP Server SECURITY.md.

Key points:

• Runs locally with your user permissions
• No network ports exposed
• No remote access
• Processes KrakenD configurations locally

# Check current plugin version
# In Claude Code: /plugin list

# Update plugin
# In Claude Code: /plugin update krakend-ai-assistant

# MCP server binary is automatically managed by the plugin
# It will download the required version on SessionStart

# Plugin verifies checksums automatically
# Check installation log if concerned:
cat ~/.claude/plugins/krakend-ai-assistant/.install.log

The AI assistant helps create configurations, but always review:

• Authentication settings
• CORS policies
• Rate limiting
• Debug endpoints (disable in production)
• Security headers

• Only run in directories you trust
• Avoid running in directories with sensitive data
• Review any custom skills or agents before installing

# Plugin only writes to its own directory
ls -la ~/.claude/plugins/krakend-ai-assistant/

# MCP server binary location
ls -la ~/.claude/plugins/krakend-ai-assistant/servers/

• Checksum Verification: SHA256 verification of downloaded binaries
• Official Sources: Only downloads from github.com/krakend/mcp-server
• No Elevated Privileges: Runs entirely within user permissions
• Isolated Installation: Plugin directory only, no system modifications

See MCP Server SECURITY.md for details on:

• Input validation
• Safe file operations
• Error handling
• Configuration validation security

This plugin provides AI assistance but:

• Does not replace security audits
• Generated configs should be reviewed before deployment
• Use the audit_security skill for security checks

• Plugin assumes trusted local environment
• No authentication between Claude Code and MCP server
• Designed for single-user local development
• Not for remote or multi-tenant deployments

• Plugin depends on KrakenD MCP Server (separate project)
• MCP Server security: see MCP Server SECURITY.md
• Claude Code platform security: managed by Anthropic

We follow responsible disclosure practices:

1. Report received and acknowledged
2. Issue verified and severity assessed
3. Fix developed and tested
4. Security advisory published
5. Credit given to reporter (if desired)

• MCP Server Security: https://github.com/krakend/mcp-server/blob/main/SECURITY.md
• KrakenD Security Documentation: https://www.krakend.io/docs/authorization/
• MCP Protocol Security: https://modelcontextprotocol.io/docs/security

For security-related questions that are not vulnerabilities:

• Open a GitHub Discussion
• Join KrakenD Community

Last Updated: December 15, 2025 Policy Version: 1.0