Conversation
Signed-off-by: Frederick F. Kautz IV <fkautz@alumni.cmu.edu>
fkautz
force-pushed
the
safe-framework-sandbox
branch
from
4aac3c2 to
eb445c4
Compare
mihaimaruseac
left a comment
mihaimaruseac
left a comment
There was a problem hiding this comment.
Thank you for filing the application!
|
|
||
| ### Mission of the project | ||
| The project must be aligned with the OpenSSF mission and either be a novel approach for existing areas, address an unfulfilled need, or be initial code needed for OpenSSF WG work. It is preferred that extensions of existing OpenSSF projects collaborate with the existing project rather than seek a new project. | ||
| * SAFE-Framework provides a shared security framework for Agentic AI systems, focusing on the real-world side effects of autonomous actions, tool use, and model-to-model interactions. It catalogs tactics and techniques for agentic failure modes and security abuse, and offers guidance for mitigation and detection so builders can assess and reduce risk before deployment. |
There was a problem hiding this comment.
To confirm, SAFE-MCP is a specification/framework, not a software project, right? Is there any intent to provide software at some future point?
There was a problem hiding this comment.
It'd be good to know but if the intent is to produce a spec it should still be a Project. We used to have spec work take place in SIGs but we changed that.
From the SIG lifecycle:
If the SIG starts to produce code or specifications, they should consider becoming a project instead, especially if this becomes the main scope of the SIG.
gkunz
added
the
Major / New TI
bobcallaway
left a comment
bobcallaway
left a comment
There was a problem hiding this comment.
it would be good to see closer alignment with other projects within the AI/ML Security WG as time goes on.
|
It may be a bit early to formalize this as a full project. A more measured approach could be to begin as a Special Interest Group (SIG), allowing the community to explore the scope, clarify objectives, and demonstrate tangible outcomes. As deliverables become more clearly defined and sustained contributions take shape, transitioning to project status would likely be a natural and well-supported next step. This path provides space for thoughtful development while ensuring the structure aligns with what is ultimately produced. |
Just FYI, this is already an existing project looking to be adopted, more so than an entirely new initiative without existing content. See: https://www.safemcp.org/ and https://github.com/SAFE-MCP/safe-mcp |
10 participants
Summary