Please do not report security vulnerabilities through public GitHub issues.

If you discover a security vulnerability in MOTO, please report it privately:

Email security reports to: security@intrafere.com

Include in your report:

• Description of the vulnerability
• Steps to reproduce
• Potential impact
• Suggested fix (if any)

• Acknowledgment: Within 48 hours
• Initial Assessment: Within 5 business days
• Status Updates: Every 7 days until resolved
• Fix Release: Depends on severity (critical: 7 days; high: 30 days; medium: 90 days)

NEVER commit API keys to the repository:

• OpenRouter API keys should be entered through the UI only
• Keys are stored in browser localStorage, not in code
• Use .gitignore to exclude sensitive data files
• Check .gitignore includes backend/data/ subdirectories

Local model hosting:

• LM Studio runs on localhost (127.0.0.1:1234)
• No external network access required for local models
• Models execute on your machine only
• No data leaves your system when using LM Studio exclusively

When using OpenRouter:

• Your API key is sent only to OpenRouter API endpoints
• Research content may be sent to OpenRouter for model inference
• Review OpenRouter's privacy policy: https://openrouter.ai/privacy
• Free models may require data sharing consent (check privacy settings)
• Paid models typically have stricter privacy protections

AI-generated papers contain disclaimers:

• All generated content is for informational purposes only
• Papers include "AUTONOMOUS AI SOLUTION" disclaimers
• Content has not been peer-reviewed
• May contain fabricated or unverified claims presented with high confidence
• All content should be independently verified before use

Component: frontend/src/components/LatexRenderer.jsx

Protection: DOMPurify sanitization

• All LaTeX-rendered content is sanitized before display
• Prevents malicious script injection in generated papers
• Configuration blocks: <script>, <iframe>, <form>, event handlers
• See .cursor/rules/latex-renderer.mdc for details

Status: ✅ Fixed (DOMPurify v3.2.4+ includes CVE-2025-26791 fix)

Component: backend/api/routes/download.py + frontend/src/utils/downloadHelpers.js

Approach: Backend Playwright (headless Chromium) PDF rendering

• All content is DOMPurify-sanitized on the frontend before being sent to the backend
• Backend receives only sanitized HTML — no raw LLM output ever reaches the PDF renderer
• User-supplied metadata (title, outline) is HTML-escaped via _escape_html() before interpolation into the HTML template
• Playwright runs as an isolated subprocess — no impact on the FastAPI event loop
• html2pdf.js and jspdf (and their CVEs) have been removed entirely

Status: ✅ Secure (html2pdf.js and jspdf CVEs eliminated by removal)

Component: backend/shared/json_parser.py

Protection:

• Sanitizes LLM outputs before parsing
• Removes reasoning tokens, markdown wrappers, control tokens
• Validates structure before execution
• Rejects truncated or malformed JSON

Component: backend/api/routes/aggregator.py

Protection:

• Files stored in isolated backend/data/user_uploads/ directory
• No code execution on uploaded files
• Files processed as text only
• Maximum file size enforced by FastAPI

2026-03-20: PDF generation migrated from html2pdf.js/jspdf to Playwright (headless Chromium)

• Removed html2pdf.js and jspdf and all associated CVEs from the dependency tree
• PDF generation now runs server-side via Playwright in a thread pool (non-blocking)
• DOMPurify sanitization still applied client-side before content is sent to the backend
• Eliminates GHSA-w8x4-x68c-m6fc (html2pdf.js XSS), CVE-2025-68428 and CVE-2026-24737 (jspdf)

2026-01-15: html2pdf.js XSS vulnerability (GHSA-w8x4-x68c-m6fc)

• Updated html2pdf.js from v0.12.1 to v0.14.0
• Affects PDF download functionality in all components
• See COMMITS_PENDING.txt for details

2025-12-20: jspdf LFI/Path Traversal (CVE-2025-68428)

• Pinned jspdf to v4.1.0 via overrides
• Affects PDF generation in all download features
• Both direct dependency and npm overrides enforce v4.1.0

2025-12-15: DOMPurify mXSS vulnerability (CVE-2025-26791)

• Updated DOMPurify to v3.2.4
• Affects all LaTeX rendering components
• Prevents mutation XSS attacks

We use:

• npm audit for frontend dependencies
• pip-audit for Python dependencies (recommended)
• Dependabot (GitHub) for automated vulnerability alerts

Security-sensitive dependencies reviewed regularly:

• dompurify (HTML sanitization)
• playwright (headless Chromium PDF generation)
• fastapi (API framework)
• chromadb (vector database)

# Check for vulnerabilities
npm audit                    # Frontend
pip-audit                    # Backend (requires: pip install pip-audit)

# Update dependencies
npm update                   # Frontend
pip install --upgrade -r requirements.txt  # Backend

1. Never hardcode secrets - use environment variables or UI configuration
2. Sanitize all user inputs - especially in prompts and file uploads
3. Validate LLM outputs - use structured JSON schemas
4. Use DOMPurify for any HTML rendering of untrusted content
5. Review .gitignore - ensure sensitive files are excluded
6. Test with malicious inputs - verify sanitization works
7. Update dependencies regularly - check for security advisories

Before merging:

• No hardcoded API keys or secrets
• User inputs are sanitized
• LLM outputs are validated
• HTML content uses DOMPurify
• Dependencies are up to date
• No new security warnings from npm audit
• Sensitive data excluded by .gitignore

• Security vulnerabilities in MOTO code
• Dependency vulnerabilities
• XSS, injection, or code execution issues
• Data leakage or privacy concerns
• Authentication/authorization issues (if applicable)

• Issues in third-party services (LM Studio, OpenRouter)
• Model-generated content quality (including incorrect LaTeX)
• Performance optimization
• Feature requests (use the discussion section of the GitHub)
• General support questions

• OWASP Top 10: https://owasp.org/www-project-top-ten/
• GitHub Security Advisories: https://github.com/advisories
• npm Security Advisories: https://www.npmjs.com/advisories
• DOMPurify: https://github.com/cure53/DOMPurify
• Python Security: https://python.org/dev/security/

We credit security researchers who responsibly disclose vulnerabilities:

• Reports will be acknowledged in release notes (unless reporter prefers anonymity)
• Significant findings may be eligible for recognition on our website

Thank you for helping keep MOTO secure! 🔒

For non-security issues, please use GitHub Issues: https://github.com/Intrafere/MOTO-Autonomous-ASI/issues