monkeytype/SECURITY.md

Security Policy

We take the security and integrity of Monkeytype very seriously. If you have found a vulnerability, please report it ASAP so we can quickly remediate the issue.

Reporting a Vulnerability

For vulnerabilities that impact the confidentiality, integrity, and availability of Monkeytype services, please send your disclosure via (1) email, or (2) private Discord chat to Miodec (Miodec#1512). For non-security related platform bugs, follow the bug submission guidelines. Include as much detail as possible to ensure reproducibility. At a minimum, vulnerability disclosures should include:

• Vulnerability Description
• Proof of Concept
• Impact
• Screenshots or Proof

Submission Guidelines

Do not engage in activities that might cause a denial of service condition, create significant strains on critical resources, or negatively impact users of the site outside of test accounts.