Security

Security Overview

Mutant enforces security at compile time and runtime using encrypted artifacts, trust checks, policy-aware execution, and capability-gated built-ins. What to Review Protection profiles and their default-deny posture Capability gating for command, filesystem, and network built-ins Artifact signing and trust verification Anti-tamper and anti-debug behavior Telemetry collection and sandbox detection Detailed security behavior in mudocs is adapted from upstream security design documents and should be reviewed whenever those sources change. Canonical Source docs/SECURITY_LLD.

Source repo
aoiflux/mutant
Source path
docs/SECURITY_LLD.md
Last reviewed
2026-07-03
Freshness tier
critical

Mutant enforces security at compile time and runtime using encrypted artifacts, trust checks, policy-aware execution, and capability-gated built-ins.

What to Review

  • Protection profiles and their default-deny posture
  • Capability gating for command, filesystem, and network built-ins
  • Artifact signing and trust verification
  • Anti-tamper and anti-debug behavior
  • Telemetry collection and sandbox detection

Detailed security behavior in mudocs is adapted from upstream security design documents and should be reviewed whenever those sources change.

Canonical Source