PromptOS is an experimental, educational project. It is a proof-of-concept demonstrating what AI can build — it is not intended to be secure or production-ready.

The codebase was generated entirely by an AI (Claude Opus 4.5) with no prior OS security expertise guiding the implementation. There are almost certainly security vulnerabilities present, including but not limited to:

• Memory safety issues (buffer overflows, use-after-free, double-free)
• Race conditions in the kernel and IPC subsystems
• Cryptographic implementation errors
• Privilege escalation paths
• Denial-of-service vulnerabilities in network and filesystem code

Do not run PromptOS in any security-sensitive context. Use QEMU or Hyper-V in an isolated environment.

• Default user password: The built-in user database (kernel/security/userdb.c) ships with a default password of password. This is intentional for an experimental OS and simplifies testing.
• Crypto implementations: The AES, SHA-256, Ed25519, and TLS implementations are educational -- they have not been audited and should not be trusted for real-world security.

If you discover a security issue, please report it via a GitHub Issue with the label security.

Since this is an experimental project with no production users, we do not require private disclosure. However, if you believe a vulnerability could affect users who are running PromptOS on real hardware, feel free to open a private security advisory via GitHub's Security Advisories feature.

What to include:

• Description of the vulnerability
• Steps to reproduce (QEMU command line, kernel version, etc.)
• Potential impact
• Suggested fix (optional but appreciated)

Security analysis of PromptOS is actively encouraged as part of the project's educational mission. If you find something interesting, consider writing it up — whether as a GitHub issue, a blog post, or a PR with a fix.

This is genuinely interesting territory: what security mistakes does an AI make when building an OS from scratch?