Public Trust Document

Security Statement

Security statement for Confluence Health Check.

Source: docs/SECURITY_STATEMENT.md

Last generated:

This document summarizes the current security posture implemented in the repository and is intended to back the Marketplace listing and Privacy & Security questionnaire.

1. Product Security Posture

Confluence Health Check is a read-only Forge app for Confluence Cloud. The app is designed to minimize risk by:

  • requesting only read-only Confluence scopes plus Forge app storage,
  • not declaring Forge outbound external-fetch permissions in the current shipped manifest,
  • keeping side effects at controlled runtime and storage boundaries,
  • validating resolver and runtime inputs with typed error handling,
  • storing scan results in Forge-hosted storage rather than an external bespoke backend.

2. Key Controls

Current repository controls include:

  • threat modeling for resolver, scanner, and export paths in docs/THREAT_MODEL.md,
  • a supported-check contract that keeps deferred network and analytics probes out of the shipped runtime,
  • an SSRF-aware external-link validation policy ready for any future egress-reviewed release,
  • documented incident runbooks, escalation paths, and release gates,
  • automated test, typecheck, lint, and dependency-audit coverage in CI,
  • lifecycle cleanup for retained scan data and uninstall/offboarding handling.

3. Vulnerability Reporting

Security issues or any suspected vulnerability should be reported to workaroundapps1@gmail.com. A dedicated security alias is not currently published, so use the shared support intake and clearly label the report as a security issue.

Reports should include:

  • affected tenant or environment when relevant,
  • UTC timestamp of the observation,
  • reproduction steps, logs, or screenshots when available,
  • impact assessment if known.

4. Incident Handling

Operational and security-impacting incidents are handled through the documented runbooks:

  • docs/OPERATIONS_RUNBOOK.md
  • docs/ON_CALL_AND_ESCALATION.md
  • docs/SUPPORT_POLICY.md

These documents define severity, escalation, communication cadence, and follow-up expectations.

5. Customer Data Handling

The app is intended to process only the data required for Confluence content-health analysis. The app does not modify Confluence content, does not declare Forge outbound external-fetch permissions in the current Marketplace release, and does not use customer data for advertising or unrelated secondary purposes. See docs/PRIVACY_POLICY.md for the data-handling summary.

6. Ongoing Review

This statement should be reviewed whenever scopes, storage behavior, scanner probing behavior, or operational ownership changes.