# Security Policy The public AGILLM 4.3 path is designed for untrusted volunteer compute. - Volunteers connect outbound over HTTPS. - Volunteers do not receive SSH access, API keys, private hostnames, private checkpoint paths, or merge scripts. - Lease artifacts are SHA-256 checked before execution. - Result uploads land in quarantine. - A trusted validator must accept an update before it can be merged. - Public helpers should run with least privilege in a disposable work directory. Report issues through GitHub issues or by contacting the trusted AGILLM operator directly.