RunnerMonitor interacts with CI runner registrations, local services, WSL sudo, and remote hosts. Treat configuration and runner tokens as sensitive.
RunnerMonitor is currently maintained from the main branch and active
feature branches in this repository.
Do not publish secrets, runner tokens, sudo passwords, private hostnames, or private infrastructure details in a public issue.
For this repository, report sensitive findings directly to the maintainer through a private GitHub channel or another trusted private contact path.
- Keep `runner-monitor.json` beside the executable and out of git.
- Keep `wslSudoPassword` only in the app-local config file.
- Never paste GitHub runner registration/remove tokens into issues, PRs, or committed files.
- Redact local hostnames and paths when they reveal private infrastructure.
- Destructive operations must remain dry-run by default.
- Folder deletion must stay limited to configured runner roots.
- Busy runner protection must remain enabled unless an explicit force command is used by the operator.
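
The last three rules can be enforced by a single guard in front of every delete. The sketch below is an added example, not RunnerMonitor's own code; the function names, the `Decision` type, and the `busy`, `execute`, and `force` parameters are hypothetical.

```python
import os
import shutil
from dataclasses import dataclass


@dataclass
class Decision:
    allowed: bool
    reason: str
    deleted: bool = False


def _inside(root: str, target: str) -> bool:
    """True only if target is a strict descendant of root."""
    # Resolve symlinks and ".." first, then compare whole path components,
    # so "/srv/runners-old" never passes as a child of "/srv/runners".
    root_r, target_r = os.path.realpath(root), os.path.realpath(target)
    if root_r == target_r:
        return False  # a configured root itself is never a deletion target
    try:
        return os.path.commonpath([root_r, target_r]) == root_r
    except ValueError:  # e.g. different drives on Windows
        return False


def remove_runner_folder(target, roots, busy=False, execute=False, force=False):
    """Hypothetical guard: dry-run unless execute=True, refuse busy runners
    unless force=True, and refuse anything outside the configured roots."""
    if not any(_inside(r, target) for r in roots):
        return Decision(False, "outside configured runner roots")
    if busy and not force:
        return Decision(False, "runner is busy; explicit force required")
    if not execute:
        return Decision(True, "dry-run: nothing deleted")
    shutil.rmtree(os.path.realpath(target))
    return Decision(True, "deleted", deleted=True)
```

Because the check runs on resolved paths, a symlink placed inside a runner root that points elsewhere is rejected rather than followed.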