Security

Best practices for securing your Hybrix deployment. AI agents with tool access require careful permission management to prevent misuse.

Principle of least privilege

Only grant agents the skills they need. An agent that answers FAQ questions does not need shell execution. A code reviewer does not need device camera access.

Review each agent's skill list and remove any capabilities that are not essential to its role. This limits the blast radius if a prompt injection or model hallucination occurs.

Shell execution sandboxing

If an agent needs shell access, always configure an explicit allowlist. The denylist provides a safety net, but allowlists are the primary defense.

```json
{
  "shellExec": {
    "allowlist": ["git *", "npm test", "npm run lint", "cat *"],
    "denylist": ["rm -rf *", "sudo *", "curl * | sh", "wget *"],
    "confirmDangerous": true,
    "timeout": 15000,
    "cwd": "./workspace"
  }
}
```

Never run Hybrix as root. If the gateway process has elevated privileges, so do all agent shell commands. Use a dedicated user account with minimal permissions.
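
To make the allowlist-first rule concrete, here is an added example (not Hybrix's own code) of a policy evaluator that applies the configuration above; the glob matching, the deny-before-allow ordering and the result shape are assumptions for illustration. It also evaluates a denylist-only variant of the same policy to show why the allowlist, not the denylist, is the primary control.

```javascript
// Added example: evaluates shell commands against a shellExec policy using
// the allowlist-first semantics described above. Glob matching and the
// deny-before-allow ordering are assumptions, not Hybrix's implementation.

// Convert a shell-style glob ("git *", "rm -rf *") into an anchored RegExp.
// Every character except "*" is matched literally.
function globToRegExp(pattern) {
  const escaped = pattern
    .split("*")
    .map((part) => part.replace(/[.*+?^${}()|[\]\\]/g, "\\$&"))
    .join(".*");
  return new RegExp(`^${escaped}$`);
}

function matchesAny(patterns, command) {
  return patterns.some((p) => globToRegExp(p).test(command));
}

// Deny entries win over allow entries. With a non-empty allowlist, any
// command that matches nothing is refused; with an empty allowlist, only
// the denylist stands between the agent and the shell.
function evaluateCommand(policy, command) {
  const cmd = command.trim();
  if (matchesAny(policy.denylist || [], cmd)) {
    return { allowed: false, reason: "denylist" };
  }
  const allowlist = policy.allowlist || [];
  if (allowlist.length === 0) {
    return { allowed: true, reason: "no-allowlist" };
  }
  if (matchesAny(allowlist, cmd)) {
    return { allowed: true, reason: "allowlist" };
  }
  return { allowed: false, reason: "not-allowlisted" };
}

// Constructed policies: the one from the configuration above, and a
// denylist-only variant of it for comparison.
const strictPolicy = {
  allowlist: ["git *", "npm test", "npm run lint", "cat *"],
  denylist: ["rm -rf *", "sudo *", "curl * | sh", "wget *"],
};
const denyOnlyPolicy = { allowlist: [], denylist: strictPolicy.denylist };
```

Under strictPolicy a command such as "python3 script.py" is refused because it is on neither list, while denyOnlyPolicy lets it through: the denylist only catches what someone thought to write down.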

API key management

Store all API keys in your .env file, never in configuration files or code. Reference them with the $VAR_NAME syntax in configs.

Rotate your LLM provider keys periodically. Set spending limits on your provider accounts to cap unexpected usage from runaway agents.

Run hybrix security audit to scan your configuration for common security issues: missing allowlists, exposed secrets, and overly permissive agent skills.

Network security

By default, Hybrix binds to 127.0.0.1 (localhost only). To expose it on a network, change the host to 0.0.0.0 and ensure you have:

  • OAuth authentication enabled
  • HTTPS via a reverse proxy (nginx, Caddy)
  • CORS configured to only allow your domains
  • Rate limiting on the API endpoints