@blundergoat/goat-flow/workflow/setup/reference/security-policy.md

AI coding agent harness and local dashboard for Claude Code, OpenAI Codex, Google Antigravity, and GitHub Copilot - setup audits, guardrails, structured skills, deny hooks, and persistent learning loops.

# Security Policy

This repo currently defines no project-specific security overrides.

`goat-security` may read this file as the canonical repo-local policy hook, but
an empty policy does not suppress observed exploit paths or downgrade verified
findings.

## Optional Inputs

- Approved crypto choices: none defined here.
- Auth model assumptions: none defined here.
- Secret classes and handling rules: none defined here.
- Deployment boundaries: none defined here.
- Forbidden third-party services/actions: none defined here.