| Version | Supported |
|---|---|
| 2.x | Yes |
| 1.x | No |
Only the latest release receives security updates.
Do not open a public issue for security vulnerabilities.
Instead, use one of these channels:
- GitHub Security Advisories (preferred): Go to the Security tab and create a private advisory
- Email: Contact the maintainers directly
In your report, please include:
- Type of vulnerability (e.g., path traversal, prompt injection, arbitrary file write)
- Affected files or skills
- Steps to reproduce
- Proof of concept (if available)
- Impact assessment
| Stage | Timeline |
|---|---|
| Acknowledgment | 48 hours |
| Assessment | 7 days |
| Fix (critical) | 30 days |
| Fix (other) | 90 days |
In scope:
- Vulnerabilities in Relay skill workflows (e.g., a skill that writes outside `.relay/`)
- Path traversal in file operations (archive, move, create)
- Prompt injection that causes skills to deviate from documented behavior
- Supply chain risks in the npm installer
- Information disclosure through skill outputs
Out of scope:
- Vulnerabilities in Claude Code itself (report to Anthropic)
- Issues in user-created custom skills
- AI model behavior unrelated to Relay's skill instructions
- Denial of service through large projects (inherent to the tool)
Recommended practices for users:
- Review AI-generated code before committing
- Keep Relay updated to the latest version
- Use `.gitignore` to exclude sensitive files from `.relay/` scans
- Run Relay in projects you trust — skills read and write files in your project directory