cc-manager is a local development tool. It is designed to run on a developer's machine or within a trusted internal network. It has no authentication and should never be exposed to the public internet.
| Area | Status | Mitigation |
|---|---|---|
| Authentication | None | Local use only; restrict via firewall or reverse proxy |
| CORS | Open (all origins) | Restrict at reverse proxy level if needed |
| Webhook SSRF | Partial — blocks private/loopback IPs | DNS rebinding not prevented; use trusted endpoints only |
| Rate limiting | Static key ("direct") |
Does not trust x-forwarded-for; add --trust-proxy if behind proxy |
If you discover a security issue, please report it privately:
- Do NOT open a public issue.
- Email the maintainers or use GitHub Security Advisories.
- Include steps to reproduce and potential impact.
- We will respond within 7 days.
- Webhook URL validation: Blocks loopback, RFC 1918 private ranges, and link-local addresses.
- Rate limiting: 30 requests/minute per client on task submission endpoints.
- Input validation: Prompt length limits, timeout bounds, priority enum enforcement.
- Agent isolation: Each agent runs in an isolated git worktree.
CLAUDECODEandCLAUDE_CODE_*env vars are cleared to prevent Claude nesting. - SQLite WAL mode: Prevents database corruption under concurrent access.