We take the security and integrity of Monkeytype very seriously. If you have found a vulnerability, please report it ASAP so we can quickly remediate the issue.

Table of Contents

How to Disclose a Vulnerability

For vulnerabilities that impact the confidentiality, integrity, and availability of Monkeytype services, please send your disclosure via (1) email, or (2) ping Miodec#1512 on the Monkeytype Discord server in the #developement channel and he can discuss the situation with you further in private. For non-security related platform bugs, follow the bug submission guidelines . Include as much detail as possible to ensure reproducibility. At a minimum, vulnerability disclosures should include:

Submission Guidelines

Do not engage in activities that might cause a denial of service condition, create significant strains on critical resources, or negatively impact users of the site outside of test accounts.