Runcastle

Content policy

Runcastle indexes workflows that live in their authors' GitHub repositories — we never host execution. This policy covers what may be published, what gets removed, and how to reach us about security issues.

The trust model

A workflow is arbitrary code and prompts that a stranger will run against their repository with their API keys. Runcastle does not make that safe — nothing can. Instead, everything is inspectable (every prompt, hook, and Dockerfile is rendered read-only on this site before you install), tamper-evident (every version pins a git commit SHA, and per-file SHA-256 checksums computed at publish time are verified on every download — a force-pushed or edited repository cannot silently change what installers receive), and free of surprises (anything with side-effect potential must be declared in the workflow's disclosures; mismatches between declared and detected behavior block publishing). Nothing executes at install time — runcastle add writes files and prints text, nothing else.

What gets unlisted or blocked

Maintainers will act on workflows that:

  • Contain malware — code or prompts designed to exfiltrate data, damage systems, mine credentials, or mislead the agents running them.
  • Leak secrets — API keys, tokens, or credentials in any file. Secret scanning also runs at publish time and blocks these before they land.
  • Hide undisclosed side effects — host or sandbox hooks, shell-expansion blocks in prompts, or network access that isn't declared in the manifest's disclosures.
  • Are spam — junk, duplicate, or deceptive listings.

Two moderation levers exist. Unlisting is a soft-delete used by publishers and maintainers: the workflow disappears from browse and search, but existing pinned installs keep working via cached files. Blocking is stronger: a malicious pinned commit SHA goes on a denylist and file endpoints return 410 for new installs.

Reporting a workflow

Every workflow page has a Report link. Pick a reason (malware, secret leak, spam, policy violation, or other), add details, and submit — reports go straight to the maintainers' moderation queue. You don't need an account to report, though signing in helps us follow up.

Security disclosures

Found a vulnerability in Runcastle itself — the registry, the CLI, or this site? Email [email protected] with reproduction steps. Please don't open a public issue for security problems. We'll acknowledge within 48 hours. For a malicious workflow, use the Report link on its page (or the same email if it's urgent).

For publishers

Publishing is CLI-only: npx runcastle publish validates your package, checks disclosure parity against your entrypoint, scans for secrets, and registers the workflow at your current commit. Versions are immutable. You can unlist your own workflows anytime from your dashboard. See the docs for the full publishing guide.