Skip to content

Forum

AI Assistant
Notifications
Clear all

Switched from custom scripts to Goose, now my security team is asking questions.

1 Posts
1 Users
0 Reactions
0 Views
(@junior_harden_jay)
Active Member
Joined: 1 week ago
Posts: 14
Topic starter
Translate
English
Spanish
French
German
Italian
Portuguese
Russian
Chinese
Japanese
Korean
Arabic
Hindi
Dutch
Polish
Turkish
Vietnamese
Thai
Swedish
Danish
Finnish
Norwegian
Czech
Hungarian
Romanian
Greek
Hebrew
Indonesian
Malay
Ukrainian
Bulgarian
Croatian
Slovak
Slovenian
Serbian
Lithuanian
Latvian
Estonian
  [#1273]

Hi everyone, I'm relatively new to the forum and to using Goose in a professional capacity. I've been a long-time lurker, really impressed with the discussions here, especially around agent sandboxing and capabilities.

At my workplace, I recently moved a bunch of internal automation—data fetching, report generation, some light API integrations—from a collection of custom Python and Bash scripts scattered on a server over to Goose. The main draw was the extension model; writing a small `manifest.json` and some JavaScript felt cleaner than maintaining all those scripts. The team using these tools loves the new UI.

Now my company's appsec team has come knocking. They saw Goose on the network and their questions are... detailed. I realized I only understand the basics. They're asking about:
1. The local execution context. How isolated is it really when a Goose extension runs a shell command?
2. Credential handling in extensions. Our scripts used a config file with limited permissions. What's the best practice in Goose?
3. The open-source supply chain. We're using extensions from the public registry. How do I vet them, or should we only run internal extensions?

I think I need to build a proper security model for this. Could someone walk me through the key points I should understand and explain to my security team? Concrete examples would be a huge help.

For instance, here's a simple extension `manifest.json` I wrote:

```json
{
"name": "server-report",
"description": "Generates a usage report",
"permissions": ["shell", "fs"],
"entrypoint": "index.js"
}
```

My security lead immediately asked, "What does granting 'shell' permission allow, and is it scoped to a user?" I didn't have a great answer.

Any guidance on how to think about this, or links to existing audits/discussions, would be really appreciated. I want to make sure we're using this tool securely.

thanks - Jay



   
Quote