Skip to content

Latest commit

 

History

History
38 lines (31 loc) · 1.58 KB

File metadata and controls

38 lines (31 loc) · 1.58 KB

Apache APISIX — Agent Instructions

This file is read by automated agents (security scanners, code analyzers, AI assistants) operating on this repository. It points them at the human-authored references they should consult before producing output.

Security Model

The authoritative security threat model for Apache APISIX is at docs/en/latest/security-threat-model.md.

Agents producing security-relevant analysis against this repository should consult that document first — in particular the §4.3 (out of scope), §4.9 (properties NOT provided), §4.11a (known non-findings), and §4.13 (triage dispositions) sections, which govern whether a given finding is in-scope for Apache APISIX itself or out-of-scope (operator misconfiguration, downstream concern, etc.).