Overview · ruvnet/agentic-flow · GitHub

Security

No security policy detected

This project has not set up a SECURITY.md file yet.

OS Command Injection in agentic-flow MCP server tools via unsanitized tool-parameter interpolation into execSync
GHSA-vcv2-r9jh-99m5 published Jun 18, 2026 by ruvnet

High

Learn more about advisories related to ruvnet/agentic-flow in the GitHub Advisory Database