From 66e33abd7b3f898610347fc95a9dec7a34687ce4 Mon Sep 17 00:00:00 2001 From: Aldo Date: Fri, 30 Jan 2026 17:27:22 -0600 Subject: [PATCH] Docs: mention weak gateway auth tokens --- docs/gateway/security/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/gateway/security/index.md b/docs/gateway/security/index.md index aa817dff9..dcd616913 100644 --- a/docs/gateway/security/index.md +++ b/docs/gateway/security/index.md @@ -41,7 +41,7 @@ Start with the smallest access that still works, then widen it as you gain confi - **Inbound access** (DM policies, group policies, allowlists): can strangers trigger the bot? - **Tool blast radius** (elevated tools + open rooms): could prompt injection turn into shell/file/network actions? -- **Network exposure** (Gateway bind/auth, Tailscale Serve/Funnel). +- **Network exposure** (Gateway bind/auth, Tailscale Serve/Funnel, weak/short auth tokens). - **Browser control exposure** (remote nodes, relay ports, remote CDP endpoints). - **Local disk hygiene** (permissions, symlinks, config includes, “synced folder” paths). - **Plugins** (extensions exist without an explicit allowlist).
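Review bot: In the changed **Network exposure** bullet, "weak/short auth tokens" gives the reader no criterion, because the line does not say what length or kind of token counts as weak or short. Suggest stating the minimum the project expects, or linking to the section of the docs that covers gateway token requirements, so a reader can act on the item. The new entry also breaks the parallel structure of the parenthetical: its neighbours ("Gateway bind/auth", "Tailscale Serve/Funnel") name surfaces, while this one names a finding and overlaps with "Gateway bind/auth". Wording such as "Gateway bind/auth, including token strength" would keep the list consistent.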