Effective Date: August 6, 2025
We appreciate responsible security research. This policy helps protect Hinges.AI users while encouraging good-faith testing.
1. Scope
Testing is only allowed on:
• Staging environments of *.hinges.ai
• Test accounts you create yourself
2. Out-of-Scope
Please do not:
• Test production systems
• Access other users’ data
• Perform denial-of-service attacks
• Use social engineering or phishing
3. Reporting Vulnerabilities
To report a vulnerability, email [email protected] with:
• Steps to reproduce
• Any proof-of-concept (if safe to share)
• Affected system or URL
We aim to acknowledge valid reports within 2–3 business days.
4. Recognition
We currently do not offer cash rewards, but we may recognize valid reports with public thanks (optional and with your consent).
5. Legal Safe Harbor
If you follow this policy and act in good faith:
• We will not pursue legal action
• We ask you to avoid violating any laws in the process