security.md

Security Guide

Version: 1.0 Last Updated: 2026-01-31

Comprehensive security guidelines for using Babysitter in development and production environments. This guide covers best practices for handling code, credentials, and network security.

---

Table of Contents

• Overview
• General Security
  • Production Setup
  • Authentication Configuration
• Credential Management
  • Environment Variables
  • Breakpoints for Sensitive Operations
  • Journal File Review
• Code Review Security
  • Reviewing Generated Code
  • Security Test Coverage
  • Security Scanning
• Network Security
• Compliance Considerations
• Related Documentation

---

Overview

Babysitter handles code generation, execution, and may interact with credentials during workflows. Following proper security practices ensures that:

• Sensitive data is not exposed in logs or version control
• Production systems are protected through approval gates
• Network services are properly secured
• Audit trails are maintained for compliance

---

General Security

Best Practices

DO:

• Review all code changes before final approval
• Use breakpoints before deploying to production
• Keep .a5c/ directories out of version control (add to .gitignore)
• Regularly update to latest versions
• Run with least privilege necessary

DON'T:

• Commit .a5c/ directories with sensitive data
• Run untrusted process definitions without review
• Store credentials in journal files

.gitignore Configuration

Ensure your .gitignore includes:

# Babysitter run data
.a5c/

# Environment files with secrets
.env
.env.local
.env.*.local

# Credentials
*.pem
*.key
credentials.json

---

Credential Management

Environment Variables

Use environment variables for secrets (recommended):

// In process definition
const apiKey = process.env.API_KEY;
await ctx.task(deployTask, { apiKey });

Never hardcode credentials:

// BAD - Don't do this!
const apiKey = "sk-1234567890abcdef";

// GOOD - Use environment variables
const apiKey = process.env.API_KEY;

Breakpoints for Sensitive Operations

Use breakpoints to require human approval for sensitive operations:

await ctx.breakpoint({
  question: 'Deploy with production credentials?',
  title: 'Production Deployment',
  context: { environment: 'production', critical: true }
});

Journal File Review

Review journal files before sharing to ensure no secrets were leaked:

# Check for leaked secrets
grep -i "password\|secret\|key\|token" .a5c/runs/*/journal/journal.jsonl

Security tip: Always set BABYSITTER_ALLOW_SECRET_LOGS=false in production to prevent sensitive data from appearing in logs.

---

Code Review Security

Reviewing Generated Code

Before approving breakpoints, review generated code for security issues:

• SQL injection vulnerabilities - Ensure parameterized queries are used
• XSS vulnerabilities - Check for proper output encoding
• Insecure dependencies - Review any new package additions
• Hardcoded secrets - Scan for API keys, passwords, tokens

Security Test Coverage

Check test coverage for security-related tests:

• Authentication tests
• Authorization tests
• Input validation tests
• Error handling tests

Security Scanning

Run security scans before approval:

const security = await ctx.task(securityScanTask, {
  tools: ['npm audit', 'eslint-plugin-security']
});

Recommended security tools:

Tool	Purpose
npm audit	Dependency vulnerability scanning
eslint-plugin-security	Static analysis for security issues
snyk	Comprehensive vulnerability detection
semgrep	Code pattern matching for security

---

Network Security

For Distributed Teams

1. Use VPN for secure access
2. Implement authentication on all services
3. Use HTTPS for all external connections
4. Audit access logs regularly

Network Configuration Checklist

Requirement	Implementation
Local-only binding	--host 127.0.0.1
Access logging	Review service logs
Firewall rules	Restrict to known IPs/VPN

---

Compliance Considerations

For Regulated Environments

Babysitter provides several features that support compliance requirements:

Requirement	Babysitter Feature
Audit trail	Journal provides complete event history
Approval gates	Breakpoints create approval records
Access control	Limit who can approve production deployments
Data retention	Define policy for old run cleanup
Encryption	Encrypt .a5c/ directories if needed

Audit Trail

Every action in Babysitter is logged in the journal:

# View complete event history for a run
cat .a5c/runs/<runId>/journal/journal.jsonl | jq .

# Filter for approval events
jq 'select(.type=="BREAKPOINT_RELEASED")' .a5c/runs/*/journal/journal.jsonl

Data Retention Policy

Implement a cleanup policy for old runs:

# Example: Remove runs older than 30 days
find .a5c/runs -maxdepth 1 -type d -mtime +30 -exec rm -rf {} \;

Encryption at Rest

For sensitive environments, encrypt the .a5c/ directory:

# Using encrypted filesystem
# Mount encrypted volume at .a5c/

# Or use encryption tools
gpg --symmetric --cipher-algo AES256 .a5c/runs/sensitive-run/journal/journal.jsonl

---

Related Documentation

• Configuration Reference - Environment variables and settings
• CLI Reference - Command-line options
• Troubleshooting - Common issues and solutions
• Glossary - Term definitions