AgentFM is actively maintained. Below are the versions of the project that are currently supported with security updates. Because AgentFM operates as a decentralized peer-to-peer network, we strongly recommend always running the latest release to ensure your node remains secure.

We take the security of our peer-to-peer AI mesh grid very seriously. If you discover a security vulnerability in AgentFM, please DO NOT report it by creating a public GitHub issue.

Instead, please practice responsible disclosure and privately report it to our core team by emailing: info@agentfm.net

To help us verify and resolve the issue as quickly as possible, please include:

• A detailed description of the vulnerability and its potential impact (e.g., unauthorized node access, P2P network DDoS, remote code execution).
• Step-by-step instructions to reproduce the vulnerability.
• Your environment details (OS architecture, Go version, and AgentFM version).
• Any proof-of-concept (PoC) code, scripts, or network logs.

• Acknowledge: You will receive an initial confirmation of your report within 48 hours.
• Triage: Our maintainers will triage the report, verify the exploit, and determine its severity.
• Resolution: We will keep you updated on the progress of the patch and coordinate a public disclosure date with you once the fix is released to the community.

Thank you for helping keep the AgentFM grid secure and unstoppable!