core-lead/molecule-core
1
0
Fork 0
forked from molecule-ai/molecule-core
Code Pull Requests Activity
Files
226a5aeb6c2dd4e792972f75cfd57cd7b24dbc2d
molecule-core/docs
T
History
Molecule AI Security Auditor 3ca778f160 docs(security): SAFE-MCP audit report 2026-04-17 (issue #747) 
Adds docs/security/safe-mcp-audit-2026-04-17.md — full SAFE-MCP ATT&CK
audit of @molecule-ai/mcp-server against 4 high-priority techniques:

SAFE-T1102 (Supply chain):
  - NEW-003 HIGH: Unpinned npm MCP packages in .mcp.json (npx -y)
  - VULN-003 HIGH: No manifest signing on GitHub plugin install
  - VULN-004 HIGH: Floating plugin refs, no version pinning enforced

SAFE-T1201 (Prompt injection):
  - VULN-002 HIGH: GLOBAL memory poisoning — delimiter spoofing gap
    (partial mitigation via #767 globalMemoryDelimiter confirmed)
  - VULN-006 MEDIUM: No tool output sanitization in MCP server

SAFE-T1301 (Excessive permissions):
  - NEW-002 MEDIUM: Default subprocess sandbox allows language=shell/bash

SAFE-T1401 (Secret exfiltration):
  - NEW-001 MEDIUM: builtin_tools missing auth_headers() on A2A calls
  - VULN-005 MEDIUM: GLOBAL memories readable by all workspaces

Confirmed fix: VULN-001 (X-Workspace-ID system-caller forge, #761) CLOSED.

Closes #747.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-17 18:54:08 +00:00
..
.vitepress
initial commit — Molecule AI platform
2026-04-13 11:55:37 -07:00
adapters
initial commit — Molecule AI platform
2026-04-13 11:55:37 -07:00
agent-runtime
initial commit — Molecule AI platform
2026-04-13 11:55:37 -07:00
api-protocol
docs(platform-api): Breaking Changes section for PR #701 auth + validation
2026-04-17 12:44:11 +00:00
architecture
docs(wildcard-dns): address CEO review — KV cache, WebSocket, proxy trust
2026-04-17 10:17:43 -07:00
assets/branding
chore: replace brand icon and add HANDOFF.md
2026-04-13 13:03:40 -07:00
blog/2026-04-17-deploy-anywhere
docs(blog): deploy anywhere — Fly Machines + control plane provisioners
2026-04-17 00:38:06 +00:00
demo
initial commit — Molecule AI platform
2026-04-13 11:55:37 -07:00
development
docs: correct stale test counts in PR #9
2026-04-13 17:51:12 -07:00
edit-history
docs: sync CLAUDE.md + PLAN.md + edit-history with 2026-04-15 overnight sweep
2026-04-15 12:16:24 -07:00
frontend
initial commit — Molecule AI platform
2026-04-13 11:55:37 -07:00
guides
feat(platform): token management API + MCP setup + external agent guide
2026-04-16 08:37:42 -07:00
marketing
docs(competitors): downgrade Paperclip threat HIGH → MEDIUM (#581)
2026-04-17 00:45:53 +00:00
plugins
initial commit — Molecule AI platform
2026-04-13 11:55:37 -07:00
product
initial commit — Molecule AI platform
2026-04-13 11:55:37 -07:00
research
initial commit — Molecule AI platform
2026-04-13 11:55:37 -07:00
runbooks
Merge pull request #259 from Molecule-AI/docs/saas-secrets-resend
2026-04-15 13:49:34 -07:00
security
docs(security): SAFE-MCP audit report 2026-04-17 (issue #747)
2026-04-17 18:54:08 +00:00
tutorials
Merge pull request #578 from Molecule-AI/docs/devrel-feat-525
2026-04-16 18:47:17 -07:00
.gitignore
initial commit — Molecule AI platform
2026-04-13 11:55:37 -07:00
api-reference.md
initial commit — Molecule AI platform
2026-04-13 11:55:37 -07:00
architecture.md
initial commit — Molecule AI platform
2026-04-13 11:55:37 -07:00
ecosystem-research-outcomes.md
initial commit — Molecule AI platform
2026-04-13 11:55:37 -07:00
ecosystem-watch.md
chore(eco-watch): add BeeAI ACP + Claw Code — 2026-04-17
2026-04-17 17:07:25 +00:00
glossary.md
docs(glossary): add GitHub Awesome Copilot disambiguation section
2026-04-17 16:27:41 +00:00
index.md
initial commit — Molecule AI platform
2026-04-13 11:55:37 -07:00
known-issues.md
initial commit — Molecule AI platform
2026-04-13 11:55:37 -07:00
package-lock.json
initial commit — Molecule AI platform
2026-04-13 11:55:37 -07:00
package.json
initial commit — Molecule AI platform
2026-04-13 11:55:37 -07:00
quickstart.md
initial commit — Molecule AI platform
2026-04-13 11:55:37 -07:00
README.md
chore: structural cleanup — dead dirs, moves, gitignore
2026-04-13 14:06:52 -07:00
remote-workspaces-readiness.md
docs: update remote-workspaces-readiness for Phase 30.1 shipped status
2026-04-16 08:49:07 -07:00
workspace-runtime-package.md
chore: extract workspace runtime to PyPI + move adapter Dockerfiles to template repos
2026-04-16 04:33:10 -07:00

README.md

docs/

This directory serves two purposes:

  1. Markdown content — everything under architecture/, agent-runtime/, api-protocol/, development/, frontend/, plugins/, product/, etc. This is what agents and humans read.
  2. VitePress site.vitepress/config.ts, package.json, package-lock.json. These drive the rendered documentation site.

Local preview

cd docs
npm install
npm run dev      # preview on http://localhost:5173
npm run build    # static build to docs/.vitepress/dist/

Conventions

  • New top-level docs must be linked from PLAN.md, README.md, and CLAUDE.md — otherwise agents can't find them (see .claude/ memory feedback_cross_reference_docs.md).
  • edit-history/YYYY-MM-DD.md is append-only log of significant changes; don't rewrite history.
  • archive/ holds one-shot analyses and retired docs — kept for context but not maintained.

Why site tooling lives here (not in docs-site/)

VitePress expects its config at <root>/.vitepress/config.ts where <root> is also the content directory. Splitting tooling into a sibling docs-site/ would require a non-trivial srcDir shim and break relative links in .vitepress/config.ts. Keeping both together is the pragmatic choice; this README is the tradeoff ledger.

View Git Blame Copy Permalink