security
Vulnerability Reporting
Minora AI takes security seriously. If you have discovered a potential security vulnerability, we want to hear from you. We appreciate responsible disclosure and will work with you to address any issues promptly.
How to Report
Email Your Report
-
Description of the vulnerability and its potential impact - Steps to reproduce the issue
- Affected component or URL
- Your contact information for follow-up
- Any proof-of-concept code or screenshots
Our Commitment
-
48-Hour Acknowledgment
We acknowledge all vulnerability reports within 48 hours of receipt. -
Transparent Timeline
We provide remediation timelines for all confirmed vulnerabilities and keep reporters informed of progress. -
No Legal Action
We will not pursue legal action against researchers who report vulnerabilities in good faith and follow responsible disclosure practices. -
Credit and Recognition
With your permission, we will publicly credit researchers who report valid vulnerabilities.
Out of Scope
- Social engineering or phishing attacks against Minora employees
- Denial of service (DoS/DDoS) attacks
- Vulnerabilities in third-party applications or services
- Reports from automated vulnerability scanners without manual verification
Questions About Security?
For general security inquiries, contact@minora.ai