Security: JoshKappler/claim-wright

SECURITY.md

Security

claimwright handles multi-tenant claim data, so its security gets tested the same way an attacker would test it: with autohack, an autonomous vulnerability hunter I built that hunts live bug-bounty programs on HackerOne, Immunefi, Huntr, Bugcrowd, and Intigriti. This repo can point that same engine at itself.

Run a white-hat session

python -m scripts.security_hunt              # ~30-min authorized hunt against this repo
python -m scripts.security_hunt --dry-run    # wire-check: build the prompts, spawn nothing
python -m scripts.security_hunt --timeout-min 10

It runs on the local claude CLI (Claude Max), so a session costs no API tokens. The report lands in docs/security/reports/.

How it works

scripts/security_hunt.py is a thin contact point that routes into autohack, which is the engine. The session is the real hunt pipeline, scoped to this repository:

  1. Recon maps the trust boundaries from docs/security/scope.md: per-tenant data isolation, the auth/session model, the SSE endpoints, on-demand Google Drive PDF streaming, file ingestion, outbound email, and the LLM boundary.
  2. Hunt spawns a scoped Claude session that reads the code, traces user input to dangerous sinks, and decides which paths are reachable in production.
  3. Adversarial self-review is the part that matters: a second Claude instance attacks each candidate finding from the opposite direction and tries to disprove it. Anything it can talk itself out of gets filtered. A false positive is treated as worse than a missed bug.
  4. Report is written in HackerOne format: confirmed findings up top, the adversarially rejected candidates listed below them so the filter is visible.

Zero confirmed findings is a normal, expected result on a hardened codebase. The value is the documented attack surface and the falsification trail.

Scope

docs/security/scope.md is the in-scope description handed to the hunter. Edit it to steer where a session spends its time. The hunt is read-only against the working tree and writes scratch only under /tmp.

Requirements

autohack is the engine, so it has to be available: checked out next to claimwright, or at $AUTOHACK_DIR. Without it, scripts/security_hunt.py prints how to get it and exits; there is no offline fallback by design.

git clone https://github.com/JoshKappler/autohack ../autohack
cd ../autohack && npm install
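As an added illustration, not the project's own scripts/security_hunt.py, here is how the resolution rule above ($AUTOHACK_DIR first, then the sibling checkout, no offline fallback) and the runbook's --dry-run and --timeout-min flags fit together in one thin contact point. The package.json marker, the function names and the plan dictionary are assumptions made for this sketch.

```python
import argparse
import os
from pathlib import Path
from typing import Callable, Mapping, Optional

INSTALL_HINT = (  # printed when the engine is missing: no offline fallback, by design
    "autohack not found. Get it with:\n"
    "  git clone https://github.com/JoshKappler/autohack ../autohack\n"
    "  cd ../autohack && npm install\n"
    "or point $AUTOHACK_DIR at an existing checkout."
)

def _looks_like_checkout(p: Path) -> bool:
    return (p / "package.json").is_file()  # assumption: the npm manifest marks a checkout

def resolve_autohack(env: Mapping[str, str], repo_root: str,
                     is_checkout: Callable[[Path], bool] = _looks_like_checkout) -> Optional[str]:
    """$AUTOHACK_DIR wins; otherwise the sibling ../autohack; None if neither is a checkout."""
    candidates = [Path(env["AUTOHACK_DIR"])] if env.get("AUTOHACK_DIR") else []
    candidates.append(Path(repo_root).parent / "autohack")
    return next((str(c) for c in candidates if is_checkout(c)), None)

def parse_args(argv):
    p = argparse.ArgumentParser(prog="python -m scripts.security_hunt")
    p.add_argument("--dry-run", action="store_true", help="build the prompts, spawn nothing")
    p.add_argument("--timeout-min", type=int, default=30, help="hunt budget in minutes")
    return p.parse_args(argv)

def plan_session(args, env, repo_root, is_checkout=_looks_like_checkout) -> dict:
    """Describe what a run would do; --dry-run stops here, a real run hands this to autohack."""
    engine = resolve_autohack(env, repo_root, is_checkout)
    if engine is None:
        return {"ok": False, "message": INSTALL_HINT}
    root = Path(repo_root)
    return {
        "ok": True,
        "engine": engine,
        "scope": str(root / "docs" / "security" / "scope.md"),     # in-scope description
        "report_dir": str(root / "docs" / "security" / "reports"),  # where the report lands
        "scratch": "/tmp",                     # the hunt is read-only everywhere else
        "timeout_min": args.timeout_min,
        "spawn": not args.dry_run,             # dry-run wires everything, launches no session
    }

def main(argv=None) -> int:
    plan = plan_session(parse_args(argv), os.environ, os.getcwd())
    print(plan["message"] if not plan["ok"] else plan)
    return 0 if plan["ok"] else 1
```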

Reporting a real issue

Found something in claimwright itself? Email security@example.com rather than opening a public issue.