Back to Security
Bug Bounty Program

Help us keep AgentUI secure

We value the work of security researchers who help us protect our platform. If you discover a vulnerability, we want to hear from you.

Report to
security@agentui.ai

How to report a vulnerability

Send an email to our security team with the details of the vulnerability you have found. Please include as much information as possible to help us understand and reproduce the issue.

01

Find

Discover a security vulnerability in our platform

02

Report

Send details to security@agentui.ai

03

Collaborate

We work together to resolve the issue

What to include in your report

01A clear description of the vulnerability
02Steps to reproduce the issue
03The potential impact of the vulnerability
04Any proof of concept or screenshots
05Your contact information for follow-up
New vulnerability report
Just now
Vulnerability type
Severity
Steps to reproduce
Encrypted & confidential

In scope

Authentication and authorization flaws
Cross-site scripting (XSS)
Cross-site request forgery (CSRF)
SQL injection and other injection attacks
Server-side request forgery (SSRF)
Sensitive data exposure
Business logic vulnerabilities

Out of scope

Denial of service (DoS/DDoS) attacks
Social engineering or phishing attacks
Physical security attacks
Automated scanning without prior approval
Attacks against users or employee accounts
Guidelines

Responsible disclosure guidelines

We ask security researchers to follow responsible disclosure practices. This helps us protect our users while giving you the recognition you deserve.

1
Give us reasonable time to fix the issue before public disclosure
2
Do not access, modify, or delete other users' data
3
Do not degrade the performance or availability of our services
4
Act in good faith and comply with all applicable laws
5
Only test against accounts you own or have explicit permission to test
Our promise

Our commitment to you

Acknowledge receipt of your report within 48 hours
Provide regular updates on the status of your report
Work with you to understand and validate the issue
Credit researchers who help improve our security (with permission)
Not pursue legal action against researchers acting in good faith

Ready to report a vulnerability?

Send your findings to our security team. We review every report carefully.

security@agentui.ai