Files
elizaos--eliza/packages/docs/security/INCIDENT-RUNBOOK.md
T
wehub-resource-sync 426e9eeabd
Benchmark Bridge Tests / benchmark (bunx @biomejs/biome check packages/lifeops-bench/src, benchmark-lint) (push) Waiting to run
Benchmark Bridge Tests / benchmark (bunx vitest run --config packages/lifeops-bench/vitest.config.ts --root packages/lifeops-bench --passWithNoTests, benchmark-tests) (push) Waiting to run
Build Agent Image / build-and-push (push) Waiting to run
Chat shell gestures / Chat shell gesture + parity e2e (push) Waiting to run
Cloud Gateway Discord / Test (push) Waiting to run
Cloud Gateway Webhook / Test (push) Waiting to run
Cloud Tests / lint-and-types (push) Waiting to run
Cloud Tests / unit-tests (push) Waiting to run
Cloud Tests / integration-tests (push) Waiting to run
Cloud Tests / e2e-tests (push) Blocked by required conditions
CodeQL Advanced / Analyze (javascript-typescript) (push) Waiting to run
Deploy Apps Worker (Product 2) / Determine environment (push) Waiting to run
Deploy Apps Worker (Product 2) / Deploy apps worker to apps-control host (${{ needs.determine-env.outputs.environment }}) (push) Blocked by required conditions
Deploy Eliza Provisioning Worker / Determine environment (push) Waiting to run
Deploy Eliza Provisioning Worker / Deploy worker to Hetzner host (${{ needs.determine-env.outputs.environment }} @ ${{ needs.determine-env.outputs.deployment_sha }}) (push) Blocked by required conditions
Dev Smoke / Classify changed paths (push) Waiting to run
Dev Smoke / bun run dev onboarding chat (push) Blocked by required conditions
Dev Smoke / Vite HMR dependency-level smoke (push) Blocked by required conditions
Electrobun Submodule Guard / electrobun gitlink is fetchable (push) Waiting to run
Publish @elizaos/example-code / check_npm (push) Waiting to run
Publish @elizaos/example-code / publish_npm (push) Blocked by required conditions
Publish @elizaos/plugin-elizacloud / verify_version (push) Waiting to run
Publish @elizaos/plugin-elizacloud / publish_npm (push) Blocked by required conditions
Sandbox Live Smoke / Sandbox live smoke (push) Waiting to run
Snap Build & Test / Build Snap (amd64) (push) Waiting to run
Snap Build & Test / Build Snap (arm64) (push) Waiting to run
supply-chain / sbom (push) Waiting to run
supply-chain / vulnerability-scan (push) Waiting to run
Build, Push & Deploy to Phala Cloud / build-and-push (push) Waiting to run
Test Packaging / Validate Packaging Configs (push) Waiting to run
Test Packaging / PyPI on Python ${{ matrix.python }} (push) Waiting to run
Test Packaging / Pack & Test JS Tarballs (push) Waiting to run
Test Packaging / elizaos CLI global-install smoke (node + bun) (push) Waiting to run
UI Fixture E2E / ui-fixture-e2e (push) Waiting to run
UI Fixture E2E / fixture-e2e (push) Waiting to run
UI Story Gate / story-gate (push) Waiting to run
vault-ci / test (macos-latest) (push) Waiting to run
vault-ci / test (ubuntu-latest) (push) Waiting to run
vault-ci / test (windows-latest) (push) Waiting to run
vault-ci / app-core wiring tests (push) Waiting to run
verify-patches / verify patches/CHECKSUMS.sha256 (push) Waiting to run
Voice Benchmark Smoke / voice-emotion fixture smoke (push) Waiting to run
Voice Benchmark Smoke / voiceagentbench fixture smoke (push) Waiting to run
Voice Benchmark Smoke / voicebench-quality unit smoke (push) Waiting to run
Voice Benchmark Smoke / voicebench TypeScript unit (no audio) (push) Waiting to run
Voice Benchmark Smoke / voice bench smoke summary (push) Blocked by required conditions
Windows CI / windows ([bun run --cwd packages/app-core test bun run --cwd packages/elizaos test bun run --cwd packages/cloud/shared test], app-and-cli) (push) Waiting to run
Windows CI / windows ([bun run --cwd packages/scenario-runner test bun run --cwd packages/vault test bun run --cwd packages/security test bun run --cwd plugins/plugin-coding-tools test], framework-packages) (push) Waiting to run
Windows CI / windows ([bun run --cwd plugins/plugin-elizacloud test bun run --cwd plugins/plugin-discord test bun run --cwd plugins/plugin-anthropic test bun run --cwd plugins/plugin-openai test bun run --cwd plugins/plugin-app-control test bun run --cwd plugins/pl… (push) Waiting to run
Windows CI / windows ([node packages/scripts/run-turbo.mjs run build --filter=@elizaos/core --filter=@elizaos/shared --filter=@elizaos/agent --concurrency=4 node packages/scripts/run-bash-linux-only.mjs scripts/verify-riscv64-buildpaths.sh node packages/scripts/run… (push) Waiting to run
Windows CI / windows ([node packages/scripts/run-turbo.mjs run typecheck --filter=@elizaos/core --filter=@elizaos/shared --filter=@elizaos/cloud-shared --concurrency=4 bun run --cwd packages/core test bun run --cwd packages/shared test], core-runtime, 75) (push) Waiting to run
Test Packaging / Build & Test PyPI Package (push) Waiting to run
Voice Workbench / headless workbench (mocked backends) (push) Has been cancelled
Voice Workbench / real acoustic lane (nightly, provisioned only) (push) Has been cancelled
ci / test (push) Has been cancelled
ci / lint-and-format (push) Has been cancelled
ci / build (push) Has been cancelled
ci / dev-startup (push) Has been cancelled
gitleaks / gitleaks (push) Has been cancelled
Markdown Links / Relative Markdown Links (push) Has been cancelled
Quality (Extended) / Homepage Build (PR smoke) (push) Has been cancelled
Quality (Extended) / Comment-only diff guard (push) Has been cancelled
Quality (Extended) / Format + Type Safety Ratchet (push) Has been cancelled
Quality (Extended) / Develop Gate (secret scan + UI determinism) (push) Has been cancelled
Quality (Extended) / Develop Gate (lint) (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 12:43:05 +08:00

5.3 KiB

Mirror. Authoritative copy lives in the outer monorepo at ../docs/security/INCIDENT-RUNBOOK.md. Relative links below (../../POLICIES/...) resolve in the outer monorepo, not inside this submodule.

Incident Response Runbook

Operational playbook for the policy in ../../POLICIES/08-incident-response.md (POLICIES/08-incident-response.md).

On-call contacts (placeholders — fill in)

  • Primary on-call pager: <PagerDuty / Opsgenie URL>
  • Incident channel: #incident-active on <chat platform>
  • Status page: https://status.<eliza-domain>
  • Security Lead: security-lead@elizaos.ai (placeholder)
  • Legal: legal@elizaos.ai (placeholder)
  • Communications: comms@elizaos.ai (placeholder)

Phases (apply to every incident)

1. Detection

  • Source: alert from Prometheus rules (deploy/observability/prometheus/alerts/security.yml), customer report, internal report, automated scanner.
  • First responder acknowledges within the SLA in ../../POLICIES/08-incident-response.md (POLICIES/08-incident-response.md).

2. Triage

  • Open #incident-active; designate Incident Commander (IC).
  • Assign severity (SEV-0…3).
  • Open a timeline document (linked in the channel topic).
  • Page additional responders as needed (DB, networking, KMS, legal).

3. Contain

  • Goal: stop spread before fixing.
  • Common containment moves:
    • Disable compromised account at the IdP.
    • Rotate suspected credential (KMS, GitHub token, deploy key).
    • Cordon affected service (route 100% traffic away).
    • Quarantine affected host / pod (snapshot for forensics first).

4. Eradicate

  • Remove malicious artifact (deploy clean image, revoke malicious plugin, patch vuln).
  • Validate via the same detection signal that originally fired.

5. Recover

  • Restore service; confirm normal metrics for at least one steady-state cycle.
  • Update status page; customer comms per breach-notification rules.

6. Lessons learned

  • Within 5 business days, blameless post-incident review.
  • File remediation tickets; update risk register.
  • Update this runbook with new playbook entries.

Playbooks by scenario

Playbook A — Suspected KMS / Steward master-key compromise (SEV-0)

  1. Page: Security Lead + Engineering Lead + Legal.
  2. Contain:
    • Suspend issuance of new wrapped DEKs.
    • Begin emergency rotation: generate new KEK; re-wrap all DEKs under new KEK.
    • Invalidate any plaintext copies (audit Steward access log).
  3. Eradicate:
    • Identify how the key was exposed (audit Steward + host logs).
    • Patch the exposure path.
  4. Recover:
    • Confirm all DEKs re-wrapped; archive old KEK for one dual-accept window then destroy.
  5. Notify:
    • Customers per DPA (likely required even if no data was actually decrypted).
    • Regulators per applicable law (GDPR 72h).

Playbook B — Plugin compromise (SEV-0/1)

  1. Page: Security Lead + agent-runtime engineer.
  2. Contain:
    • Add the plugin (or publisher key) to the revocation list and publish.
    • Runtime emergency-revoke check fires on next poll; manual broadcast notification to active customers.
  3. Eradicate:
    • Pull plugin from registry.
    • Coordinate with plugin author if account compromise; rotate publisher key.
  4. Recover:
    • Customer comms with what to expect; assist affected customers with rotation of any connector tokens the plugin touched.

Playbook C — Connector token theft (SEV-1)

  1. Page: Security Lead.
  2. Contain:
    • Revoke affected grants in Cloud (DEK-destroy + provider-side revoke).
    • If breadth uncertain, broadcast connector-class revoke for the affected provider.
  3. Eradicate:
    • Identify leak path (DB exposure, log leak, in-transit MITM).
  4. Recover:
    • Affected users re-grant; audit-event review for any unauthorized use during window.

Playbook D — Cloud API auth bypass (SEV-0)

  1. Page: Security Lead + cloud-api owner.
  2. Contain:
    • Roll JWT signing key (auth.jwt); all existing sessions invalidated.
    • Deploy patch closing the bypass.
  3. Eradicate / Recover:
    • Verify via integration test fixture for the bypass.
    • Customer notification per breach-notification rules.

Playbook E — Supply chain (compromised npm dep) (SEV-1)

  1. Page: Security Lead + the package owner.
  2. Contain:
    • Pin lockfile to last known-good; rebuild + redeploy.
  3. Eradicate:
    • Audit for runtime indicators of compromise (network destinations, suspicious processes).
  4. Recover:
    • File CVE / coordinate with upstream.

Playbook F — Backup / DR failure (SEV-2 routine; SEV-1 if blocking)

  1. Re-run backup job; investigate root cause.
  2. If repeated failure, escalate; manual snapshot of affected datastore.
  3. Document in monthly capacity / availability review.

Playbook G — Anomalous data-export volume alert (SEV-2/1 by magnitude)

  1. Contain: rate-limit / disable export endpoint for the affected account.
  2. Triage: validate vs known automation; review audit events for the user; check for credential compromise indicators.
  3. Escalate if credential compromise confirmed.

After every incident

  • Update ../../POLICIES/08-incident-response.md (POLICIES/08-incident-response.md) if procedure changed.
  • File risk-register entry if the incident reveals a new risk.
  • Update THREAT-MODEL.md if a new threat class emerged.