Security

Last updated: March 2026

About JamJet

JamJet is an open-source AI agent orchestration framework built in Rust. It provides deterministic, auditable multi-agent workflows for enterprise environments. The project is developed and maintained by JamJet Labs.

License

JamJet is released under the Apache License 2.0. The source code is publicly available on GitHub.

Responsible Disclosure

If you discover a security vulnerability in JamJet, we ask that you report it responsibly. Please do not open a public GitHub issue for security vulnerabilities.

Report vulnerabilities to: [email protected]

We aim to acknowledge reports within 48 hours and provide a fix or mitigation within 7 business days depending on severity. We will credit reporters in our release notes unless anonymity is requested.

Security Practices

• All runtime execution is local — no data is sent to external servers
• Workflow state and audit logs remain on your infrastructure
• No telemetry, no phone-home, no tracking in the runtime
• Dependencies are monitored for known vulnerabilities
• The website does not use cookies or collect personal data

Contact

General inquiries: [email protected]
Security issues: [email protected]