Security: block/goosetown

SECURITY.md

Security

Caution

Goosetown is a multi-agent coordination framework that orchestrates goose agents. Because these agents can execute shell commands, run code, and interact with external services on your behalf, they carry inherent risk beyond typical chat-based LLM interactions. To minimize these risks, consider the following precautions:

  • Run agents in a dedicated virtual machine or container with limited privileges.
  • Always review code and actions generated by agents for accuracy before applying them.
  • Avoid providing agents with sensitive or confidential information.
  • For actions that may result in significant changes, require human confirmation.
  • Break down complex instructions into smaller, isolated operations to limit blast radius.

Reporting a Vulnerability

Block recognizes the important contributions our open source community makes. Part of keeping Block and its customers safe is making sure that we find and fix any security issues found in our open source projects.

If you find a security vulnerability, we encourage you to privately report it in the repository's Security tab → Report a vulnerability.

Please see "Privately reporting a security vulnerability" for more information.

For assistance or escalation, please contact the Block Open Source Governance Committee.

There aren’t any published security advisories