Responsible Disclosure
We welcome good-faith reports of security issues in our web properties.
How to report
If you believe you have found a security issue, email apply@quietaistandard.org with a description and the steps to reproduce it. Please give us reasonable time to investigate and remediate before any public disclosure.
Safe harbor
We will not pursue or support legal action against researchers who act in good faith under this policy, avoid privacy violations and service disruption, and do not access or modify data beyond what is needed to demonstrate the issue.
Out of scope
Social engineering, physical attacks, denial-of-service testing, and issues in third-party services we do not control are out of scope.
Recognition
We do not run a paid bounty at this time. We acknowledge valid reports and will credit researchers where appropriate and welcomed.