Adversary MCP Server

name: 🔒 Security Report description: Report a security vulnerability (use private reporting for sensitive issues) title: "[Security]: " labels: ["security", "triage"] body: - type: markdown attributes: value: | ⚠️ **SECURITY NOTICE** ⚠️ If this is a sensitive security vulnerability that could be exploited, please use GitHub's [private vulnerability reporting](https://github.com/brettbergin/adversary-mcp-server/security/advisories/new) instead of this public issue template. Use this template for: - Non-sensitive security improvements - Security feature requests - General security discussions - False positive reports - type: checkboxes attributes: label: Security Issue Type description: What type of security issue is this? options: - label: Vulnerability in the scanner itself - label: False positive in security detection - label: False negative (missed vulnerability) - label: Security rule improvement - label: Security configuration issue - label: Other security concern - type: textarea attributes: label: Issue Description description: | Describe the security issue or concern. If this is a vulnerability, explain the potential impact and attack vectors. validations: required: true - type: textarea attributes: label: Affected Component description: | Which part of the system is affected? placeholder: | - CLI tool - MCP server - Specific scanner (AST, LLM, Semgrep) - Security rules - Configuration system - Other: ... validations: required: true - type: dropdown attributes: label: Severity Assessment description: How would you rate the severity of this issue? options: - Low (minimal security impact) - Medium (moderate security concern) - High (significant security risk) - Critical (severe security vulnerability) validations: required: true - type: textarea attributes: label: Steps to Reproduce description: | If applicable, provide steps to reproduce the security issue. **Note**: For sensitive vulnerabilities, use private reporting instead. placeholder: | 1. Configure the tool with... 2. Run command... 3. Observe security issue... - type: textarea attributes: label: Evidence/Examples description: | Provide code examples, configuration files, or other evidence. **Remove any sensitive information** like real API keys, passwords, etc. render: text - type: textarea attributes: label: Environment Details description: | Environment where the security issue was discovered. value: | - OS: - Python Version: - Package Version: - Configuration: - Scanning Target: validations: required: true - type: textarea attributes: label: Suggested Fix description: | If you have suggestions for how to fix this issue, please describe them here. - type: textarea attributes: label: Security Impact description: | Describe the potential security impact if this issue is not addressed. Who could be affected and how? - type: checkboxes attributes: label: Disclosure description: Have you disclosed this issue elsewhere? options: - label: This issue has not been disclosed publicly - label: This issue has been reported through other channels - label: This issue is already known/documented - type: markdown attributes: value: | --- **Remember**: For sensitive security vulnerabilities, please use [private vulnerability reporting](https://github.com/brettbergin/adversary-mcp-server/security/advisories/new) to help us address the issue responsibly before public disclosure.