
fix(security): add SECURITY.md to all packages, harden langchain crypto fallback#354

Merged
imran-siddique merged 20 commits into microsoft:main from imran-siddique:fix/plugin-security-hardening on Mar 23, 2026

Conversation

@imran-siddique
Member

Add SECURITY.md to all 29 subpackages linking to root security reporting guidance. Harden langchain-agentmesh crypto fallback with SecurityWarning when running in simulation mode. 30 files changed.

imran-siddique and others added 20 commits March 20, 2026 10:56
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Add EU AI Act, Colorado AI Act, and GPAI obligations timeline with
AGT coverage mapping. Reference Microsoft Purview DSPM for AI as
complementary data governance layer.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The Scorecard API rejects workflows with write permissions at the
workflow level. id-token: write and security-events: write must be
scoped to the job level only. Restores permissions: read-all at
workflow level while keeping job-level write permissions intact.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…ft#324)

Add Google-style docstrings with Args, Returns, Raises, Attributes,
and Example sections to MCPMessageType, MCPAdapter, and MCPServer
classes. Also enhances docstrings for key methods including
handle_message, _handle_tools_call, _handle_resources_read, and
_map_tool_to_action.

Fixes microsoft#316
Co-authored-by: Matt Van Horn <455140+mvanhorn@users.noreply.github.com>
…s (dependency confusion) (microsoft#325)

- Replace !pip install agent-os with !pip install -e ../.. in all 6 notebooks;
  agent-os is not on PyPI and installing it from PyPI is a dependency confusion vector
- Replace zendesk-sdk/freshdesk-sdk with zenpy/freshdesk (the real published SDKs)
  in customer-service/requirements.txt
- Remove hashlib-compat from healthcare-hipaa/requirements.txt; hashlib is stdlib
  and hashlib-compat is not a real PyPI package
…stall agent-os with agent-os-kernel

Replace all remaining instances of `pip install agent-os` (unregistered
on PyPI) with `pip install agent-os-kernel` (the actual package) across
docs, examples, TypeScript extensions, CLI source, tests, and SVG assets.

Also fixes `pip install emk` references to point to `agent-os-kernel[full]`
since emk is a submodule, not a standalone PyPI package.

Completes the fix started in PR microsoft#325 which only covered notebooks.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Dify 65K→133K, AutoGen 42K→55K, CrewAI 28K→46K, Semantic Kernel
24K→27K, LangGraph 24K→27K, Haystack 22K→24K, Agent Framework
7.6K→8K. Added star counts for OpenAI Agents SDK (20K) and
Google ADK (18K). Sorted by stars descending.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…it CI

- scripts/check_dependency_confusion.py: Pre-commit hook that scans for
  pip install commands referencing unregistered PyPI packages. Maintains
  an allowlist of known registered packages.
- .github/workflows/weekly-security-audit.yml: Weekly CI job running
  dependency confusion scan, security skills scan, and weak crypto check.
  Uploads reports as artifacts with 90-day retention.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
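The pre-commit hook described in the commit above scans for `pip install` commands naming packages that are not registered on PyPI. What follows is an added illustration of that check, not the repository's own scripts/check_dependency_confusion.py: it pulls project names out of each install command (handling notebook `!pip`, `python -m pip`, editable installs, requirement files, URLs and version specifiers), normalizes them per PEP 503 and reports any name outside an allowlist. The allowlist and the sample lines are constructed for the example.

```python
# Added example, not the repository's scripts/check_dependency_confusion.py:
# a minimal scanner for `pip install` commands that name packages outside an
# allowlist. The allowlist and the sample lines below are constructed.
import re
from typing import Iterable, List, Set, Tuple

# Assumed allowlist of names known to exist on PyPI.
ALLOWLIST: Set[str] = {"agent-os-kernel", "cryptography", "zenpy", "freshdesk"}

# Matches "pip install ...", "!pip install ..." (notebooks) and "python -m pip install ...".
PIP_INSTALL = re.compile(r"(?:^|\s)!?(?:python3?\s+-m\s+)?pip3?\s+install\s+(.+)$")
# Leading project name per PEP 508; stops before extras ([full]) or specifiers (>=1.0).
NAME = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9._-]*[A-Za-z0-9])?")
# Options whose following token is an argument, not a package.
TAKES_ARG = {"-e", "--editable", "-r", "--requirement", "-i", "--index-url",
             "--extra-index-url", "-c", "--constraint", "-t", "--target"}


def normalize(name: str) -> str:
    """PEP 503 normalization: case-fold and collapse runs of '-', '_' and '.'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def package_names(args: str) -> List[str]:
    """Extract normalized project names from the argument list of a pip install."""
    names: List[str] = []
    skip_next = False
    for tok in args.split():
        if skip_next:
            skip_next = False
            continue
        if tok in TAKES_ARG:
            skip_next = True
            continue
        if tok.startswith("-"):
            continue  # some other option flag
        if "://" in tok or tok.startswith((".", "/", "git+")):
            continue  # URL or local path, resolved outside the package index
        m = NAME.match(tok)
        if m:
            names.append(normalize(m.group(0)))
    return names


def scan(lines: Iterable[str], allowlist: Set[str] = ALLOWLIST) -> List[Tuple[int, str]]:
    """Return (line number, package) for every installed name not on the allowlist."""
    allowed = {normalize(a) for a in allowlist}
    findings: List[Tuple[int, str]] = []
    for no, line in enumerate(lines, 1):
        m = PIP_INSTALL.search(line)
        if not m:
            continue
        for name in package_names(m.group(1)):
            if name not in allowed:
                findings.append((no, name))
    return findings


# Constructed sample of the kinds of lines found in notebooks, docs and READMEs.
SAMPLE = """\
pip install agent-os-kernel[full]
!pip install agent-os
pip install -e ../..
python -m pip install cryptography>=44.0.0 hashlib-compat
pip install -r requirements.txt
pip install git+https://github.com/example/repo.git
"""


if __name__ == "__main__":
    for no, name in scan(SAMPLE.splitlines()):
        print(f"line {no}: '{name}' is not on the allowlist")
```

Only `agent-os` and `hashlib-compat` are reported: the editable install, the requirements file and the git URL never touch the index by name, and `agent-os-kernel[full]` and `cryptography>=44.0.0` reduce to allowlisted names once extras and specifiers are stripped. A real hook would also want to catch `pip install` lines split across shell continuations and names inside requirements files, which this scanner does not parse.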
…icrosoft#349)

* docs: add testing guide for external testers and customers

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* docs: add regulatory alignment table and Purview positioning to README

Add EU AI Act, Colorado AI Act, and GPAI obligations timeline with
AGT coverage mapping. Reference Microsoft Purview DSPM for AI as
complementary data governance layer.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* fix(ci): restore read-all at workflow level for Scorecard verification

The Scorecard API rejects workflows with write permissions at the
workflow level. id-token: write and security-events: write must be
scoped to the job level only. Restores permissions: read-all at
workflow level while keeping job-level write permissions intact.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* docs: add comprehensive docstrings to mcp_adapter.py classes (microsoft#324)

Add Google-style docstrings with Args, Returns, Raises, Attributes,
and Example sections to MCPMessageType, MCPAdapter, and MCPServer
classes. Also enhances docstrings for key methods including
handle_message, _handle_tools_call, _handle_resources_read, and
_map_tool_to_action.

Fixes microsoft#316

* ci: add markdown link checker workflow (microsoft#323)

Co-authored-by: Matt Van Horn <455140+mvanhorn@users.noreply.github.com>

* feat: add policy evaluation heatmap to SRE dashboard (microsoft#309) (microsoft#326)

* fix: remove unregistered PyPI packages from notebooks and requirements (dependency confusion) (microsoft#325)

- Replace !pip install agent-os with !pip install -e ../.. in all 6 notebooks;
  agent-os is not on PyPI and installing it from PyPI is a dependency confusion vector
- Replace zendesk-sdk/freshdesk-sdk with zenpy/freshdesk (the real published SDKs)
  in customer-service/requirements.txt
- Remove hashlib-compat from healthcare-hipaa/requirements.txt; hashlib is stdlib
  and hashlib-compat is not a real PyPI package

* fix(security): complete dependency confusion fix — replace all pip install agent-os with agent-os-kernel

Replace all remaining instances of `pip install agent-os` (unregistered
on PyPI) with `pip install agent-os-kernel` (the actual package) across
docs, examples, TypeScript extensions, CLI source, tests, and SVG assets.

Also fixes `pip install emk` references to point to `agent-os-kernel[full]`
since emk is a submodule, not a standalone PyPI package.

Completes the fix started in PR microsoft#325 which only covered notebooks.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* docs: update framework star counts to current values

Dify 65K→133K, AutoGen 42K→55K, CrewAI 28K→46K, Semantic Kernel
24K→27K, LangGraph 24K→27K, Haystack 22K→24K, Agent Framework
7.6K→8K. Added star counts for OpenAI Agents SDK (20K) and
Google ADK (18K). Sorted by stars descending.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

---------

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Parsa Faraji Alamouti <165321600+parsa-faraji@users.noreply.github.com>
Co-authored-by: Matt Van Horn <mvanhorn@users.noreply.github.com>
Co-authored-by: Matt Van Horn <455140+mvanhorn@users.noreply.github.com>
Co-authored-by: Zeel Desai <72783325+zeel2104@users.noreply.github.com>
Co-authored-by: Xavier Garceau-Aranda <xavier.garceau-aranda@posteo.net>
- agentmesh → agentmesh-platform (5 files)
- agentmesh-governance → agent-governance-toolkit
- agent-os-observability → agent-os-kernel[observability]
- hashlib.md5 → hashlib.sha256 (3 files)

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…to fallback

- Add SECURITY.md to 29 packages (9 main + 20 integrations) linking
  to root security reporting guidance
- Harden langchain-agentmesh crypto fallback: emit SecurityWarning
  when cryptography package unavailable (simulation mode)
- Add explicit SECURITY WARNING comments on fallback code paths

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@github-actions github-actions bot added labels documentation (Improvements or additions to documentation), agent-mesh (agent-mesh package), agent-hypervisor (agent-hypervisor package), agent-sre (agent-sre package), size/XL (Extra large PR (500+ lines)) on Mar 23, 2026
@github-actions

🤖 AI Agent: security-scanner — Security Review of Pull Request

Security Review of Pull Request

This pull request introduces two main changes:

  1. Adds SECURITY.md files to 29 subpackages, linking to the root repository's security reporting guidelines.
  2. Updates the langchain-agentmesh package to include warnings about the use of an insecure cryptographic fallback mechanism when the cryptography package is not installed.

Findings

1. Prompt Injection Defense Bypass

  • No issues found.
  • The changes in this PR do not directly interact with prompt injection defenses.

2. Policy Engine Circumvention

  • No issues found.
  • The changes do not introduce any mechanisms to bypass policy enforcement.

3. Trust Chain Weaknesses

  • Finding: 🔴 CRITICAL
    • The fallback mechanism in langchain-agentmesh for signing and verifying data when the cryptography library is not installed is insecure. Specifically:
      • The fallback signing mechanism uses a simple concatenation of the data and private key, followed by a SHA-256 hash. This is not a secure cryptographic signature and can be trivially forged by an attacker who knows the private key.
      • The fallback verification mechanism accepts any non-empty signature, which is a critical vulnerability. This effectively disables signature verification entirely, allowing attackers to bypass any security mechanisms that rely on signature validation.
    • While the warning added in the PR highlights the insecurity of the fallback mechanism, it does not prevent its use. This could lead to developers unknowingly deploying insecure configurations in production environments.
  • Suggested Fix:
    • Remove the insecure fallback mechanism entirely. If the cryptography library is not installed, the system should fail securely and refuse to proceed with signing or verifying operations.
    • Alternatively, implement a secure fallback mechanism using a well-established cryptographic library that is bundled with the package (e.g., Python's hashlib or hmac for HMAC-based signing and verification).

4. Credential Exposure

  • Finding: 🔴 CRITICAL
    • The fallback signing mechanism in langchain-agentmesh includes the private key in the signature computation (sig_input = f"{data}:{self.private_key}"). This could lead to inadvertent exposure of the private key if the sig_input or resulting signature is logged, stored, or transmitted insecurely.
  • Suggested Fix:
    • As mentioned above, remove the insecure fallback mechanism entirely. If the cryptography library is not installed, the system should fail securely.
    • If a fallback mechanism is absolutely necessary, ensure that the private key is never included in any logged or transmitted data.

5. Sandbox Escape

  • No issues found.
  • The changes do not introduce any new mechanisms that could lead to a sandbox escape.

6. Deserialization Attacks

  • No issues found.
  • The changes do not involve deserialization of untrusted data.

7. Race Conditions

  • No issues found.
  • The changes do not introduce any new race conditions.

8. Supply Chain

  • Finding: 🟡 MEDIUM
    • The PR introduces a dependency on the cryptography package (version >=44.0.0) for secure cryptographic operations. While cryptography is a widely used and trusted library, it is important to ensure that the dependency is pinned to a specific version or range of versions to avoid potential supply chain attacks or breaking changes in future releases.
  • Suggested Fix:
    • Pin the cryptography dependency to a specific version or a well-defined range (e.g., cryptography>=44.0.0,<45.0.0) to reduce the risk of supply chain attacks or compatibility issues.

Summary of Findings and Recommendations

Finding Severity Recommendation
Insecure cryptographic fallback mechanism 🔴 CRITICAL Remove the fallback mechanism or replace it with a secure implementation.
Potential private key exposure in fallback 🔴 CRITICAL Remove the fallback mechanism or ensure private keys are never logged or exposed.
Unpinned cryptography dependency 🟡 MEDIUM Pin the cryptography dependency to a specific version or range of versions.

Final Recommendation

This pull request introduces critical security vulnerabilities due to the insecure cryptographic fallback mechanism in the langchain-agentmesh package. While the addition of SECURITY.md files is a positive step, the fallback mechanism must be addressed before this PR can be approved.

@github-actions github-actions bot left a comment

🤖 AI Agent: code-reviewer

Review Summary

This pull request introduces two main changes:

  1. Adds a SECURITY.md file to all subpackages, linking to the root repository's security reporting guidelines.
  2. Updates the langchain-agentmesh package to include a warning about the use of an insecure cryptographic fallback mechanism in simulation mode.

Below is a detailed review of the changes:


🔴 CRITICAL: Cryptographic Fallback in langchain-agentmesh

The fallback mechanism for cryptographic operations in langchain-agentmesh is not secure and could lead to severe security vulnerabilities if used in production. Specifically:

  1. Simulation Mode Warning:

    • The warning added via warnings.warn is a good step, but it is insufficient to prevent misuse in production environments.
    • Developers may ignore warnings, especially if they are not familiar with the implications of using an insecure fallback.
  2. Fallback Signature Generation:

    • The fallback mechanism uses a SHA-256 hash of the concatenated data and private key (sig_input = f"{data}:{self.private_key}"). This is not a cryptographically secure signature and could be trivially forged by an attacker who knows the format.
  3. Fallback Signature Verification:

    • The fallback verification accepts any non-empty signature (return len(signature.signature) > 0). This effectively disables signature verification, which is a critical security flaw.

Recommendations:

  • 🔴 Enforce secure cryptographic operations: Completely disable the fallback mechanism in production environments. Raise a RuntimeError if the cryptography package is not installed, rather than relying on warnings.
  • 🔴 Environment-based enforcement: Use an environment variable or configuration flag to explicitly enable the insecure fallback for development or testing purposes. For example:
    if not CRYPTO_AVAILABLE and not os.getenv("ALLOW_INSECURE_CRYPTO"):
        raise RuntimeError(
            "cryptography package is not installed. Install it using "
            "'pip install langchain-agentmesh[crypto]' or pip install cryptography>=44.0.0"
        )
  • 🔴 Improve documentation: Clearly document the risks of using the fallback mechanism in the README and other relevant documentation. Highlight that it is only for testing and not for production use.

🟡 WARNING: Backward Compatibility

The changes to langchain-agentmesh introduce new behavior (warnings and potential exceptions) when the cryptography package is not installed. This could break existing workflows where the fallback mechanism is currently being used without warnings or exceptions.

Recommendations:

  • Provide a clear migration path for users who may be relying on the fallback mechanism.
  • Consider releasing this change as a minor version update and include a detailed changelog entry explaining the new behavior.

💡 Suggestions for Improvement

  1. Centralize SECURITY.md Files:

    • While adding SECURITY.md to each subpackage is helpful for visibility, it introduces redundancy and maintenance overhead. Consider using a symlink to the root SECURITY.md file instead of duplicating the content across all subpackages. This ensures that updates to the root SECURITY.md automatically propagate to all subpackages.
  2. Use Custom Warning Class:

    • The SecurityWarning used in the warnings.warn call is not defined in the provided code. Define a custom warning class for better clarity:
      class SecurityWarning(UserWarning):
          pass
  3. Add Tests for Warning and Fallback Behavior:

    • Add unit tests to ensure the warning is raised when the cryptography package is not installed.
    • Add tests to verify that the fallback mechanism is only used when explicitly enabled (e.g., via an environment variable).
  4. Improve Documentation for Cryptographic Operations:

    • Expand the documentation in the langchain-agentmesh package to explain the cryptographic operations being performed, including the risks of using the fallback mechanism.
  5. Consider Deprecating the Fallback Mechanism:

    • Long-term, consider removing the insecure fallback mechanism entirely. If cryptographic operations are critical to the functionality of the package, the cryptography package should be a required dependency.

Final Assessment

  • The addition of SECURITY.md files is a positive step for improving security practices and transparency. However, using symlinks could simplify maintenance.
  • The cryptographic fallback mechanism in langchain-agentmesh is a critical security risk and must be addressed before merging this PR.
  • The changes to langchain-agentmesh may introduce breaking changes and should be clearly communicated to users.

Action Items

  1. 🔴 Address the insecure cryptographic fallback mechanism in langchain-agentmesh as outlined above.
  2. 🟡 Consider the potential backward compatibility impact and document the changes in the changelog.
  3. 💡 Replace duplicated SECURITY.md files with symlinks to the root SECURITY.md.
  4. 💡 Define a custom SecurityWarning class for better clarity.
  5. 💡 Add unit tests for the new warning and fallback behavior.
  6. 💡 Update documentation to highlight the risks of using the insecure fallback and provide guidance on installing the cryptography package.

Let me know if you need further clarification or assistance!
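Both bot reviews above (the security-scanner's trust-chain and credential-exposure findings and the code-reviewer's fail-closed recommendation) describe the same fallback: a SHA-256 over `data:private_key` on the signing side and `len(signature) > 0` on the verifying side. The block below is an added example, not code from langchain-agentmesh, that reproduces that fallback for contrast and puts a fail-closed replacement next to it: it raises `RuntimeError` unless an opt-in environment variable is set, emits a dedicated `SecurityWarning` when it does run, signs with HMAC-SHA256 from the standard library and verifies with a constant-time comparison. Class, method and environment-variable names (`InsecureFallbackSigner`, `HmacFallbackSigner`, `ALLOW_INSECURE_CRYPTO`) are assumptions for the example. Note that HMAC is symmetric, so it only fits where signer and verifier already share the key; it is a development stand-in, not a substitute for the asymmetric signatures the `cryptography` path provides.

```python
# Added example, not code from langchain-agentmesh: the fallback behaviour
# both reviews describe, next to a fail-closed replacement built on the
# standard library. Class, method and environment-variable names are assumed.
import hashlib
import hmac
import os
import warnings
from dataclasses import dataclass
from typing import Mapping, Optional


class SecurityWarning(UserWarning):
    """Dedicated category so callers can escalate it with warnings.filterwarnings."""


@dataclass
class Signature:
    signature: str


class InsecureFallbackSigner:
    """The reviewed fallback, reproduced for contrast; do not use."""

    def __init__(self, private_key: str) -> None:
        self.private_key = private_key

    def sign(self, data: str) -> Signature:
        # Hash of data and key concatenated: not a signature, and the key
        # is now part of a string that may end up in a log line.
        sig_input = f"{data}:{self.private_key}"
        return Signature(hashlib.sha256(sig_input.encode()).hexdigest())

    def verify(self, data: str, signature: Signature) -> bool:
        # Any non-empty string passes, so verification is effectively off.
        return len(signature.signature) > 0


class HmacFallbackSigner:
    """Fail-closed replacement. HMAC-SHA256 is symmetric, so it only fits
    deployments where signer and verifier already share the key."""

    OPT_IN = "ALLOW_INSECURE_CRYPTO"  # assumed name, after the reviewer's suggestion

    def __init__(self, key: bytes, crypto_available: bool,
                 env: Optional[Mapping[str, str]] = None) -> None:
        env = os.environ if env is None else env
        if not crypto_available:
            # Refuse to run unless someone explicitly opted in, then still warn.
            if not env.get(self.OPT_IN):
                raise RuntimeError(
                    "cryptography package is not installed; install it with "
                    f"'pip install cryptography' or set {self.OPT_IN}=1 for local testing"
                )
            warnings.warn(
                "simulation mode: HMAC fallback active, not an asymmetric signature",
                SecurityWarning, stacklevel=2,
            )
        self._key = key

    def sign(self, data: bytes) -> Signature:
        return Signature(hmac.new(self._key, data, hashlib.sha256).hexdigest())

    def verify(self, data: bytes, signature: Signature) -> bool:
        expected = hmac.new(self._key, data, hashlib.sha256).hexdigest()
        # Constant-time comparison; a plain == would leak via timing.
        return hmac.compare_digest(expected, signature.signature)


def run_demo() -> dict:
    """Exercise both signers on constructed input and report what each accepts."""
    results = {}
    bad = InsecureFallbackSigner("private-key-material")
    bad.sign("transfer 100")
    results["insecure_accepts_forgery"] = bad.verify("transfer 100", Signature("x"))

    good = HmacFallbackSigner(b"shared-secret", crypto_available=True)
    sig = good.sign(b"transfer 100")
    results["hmac_accepts_valid"] = good.verify(b"transfer 100", sig)
    results["hmac_accepts_tampered"] = good.verify(b"transfer 101", sig)
    results["hmac_accepts_forgery"] = good.verify(b"transfer 100", Signature("x"))

    try:
        HmacFallbackSigner(b"k", crypto_available=False, env={})
        results["fails_closed"] = False
    except RuntimeError:
        results["fails_closed"] = True

    with warnings.catch_warnings(record=True) as caught:
        warnings.simplefilter("always")
        HmacFallbackSigner(b"k", crypto_available=False, env={"ALLOW_INSECURE_CRYPTO": "1"})
    results["warns_when_opted_in"] = any(issubclass(c.category, SecurityWarning) for c in caught)
    return results


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

The demo makes the reviews' point concrete: the reproduced fallback accepts the literal string `x` as a valid signature for any payload, while the replacement rejects both a forged tag and a one-byte change to the data, refuses to construct at all without the opt-in, and warns when it does. In a test suite the opt-in warning can be turned into a failure with `warnings.filterwarnings("error", category=SecurityWarning)` so a CI run never passes in simulation mode by accident.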

@imran-siddique imran-siddique merged commit a9768c1 into microsoft:main Mar 23, 2026
52 checks passed
@imran-siddique imran-siddique deleted the fix/plugin-security-hardening branch March 28, 2026 16:48