Back to home

Responsible Disclosure

Last updated: July 2026

We welcome reports

We hold ourselves to the standard we test others against. If you believe you have found a security vulnerability in a BugSnaps-owned system, we want to hear from you — and we will treat your report with the respect we'd expect for our own.

How to report

Email aryan@bugsnaps.in with a description of the issue, steps to reproduce, and any relevant proof of concept. We acknowledge reports within 2 business days and aim to provide a resolution timeline within 5.

Ground rules

  • Do not access, modify, or exfiltrate data that isn't yours.
  • Do not degrade service availability (no denial-of-service testing).
  • Give us reasonable time to remediate before public disclosure.
  • Only test systems owned and operated by BugSnaps.

Safe harbor

We will not pursue legal action against researchers who act in good faith, follow these guidelines, and report findings promptly and privately.