Security

Responsible Disclosure

We take the security of our platform and the data of our users very seriously. We appreciate security researchers helping us keep AGNCI safe.

Guidelines

If you have found a vulnerability in our systems, we ask you to follow these guidelines:

Report the vulnerability as soon as possible after discovery

Do not share the vulnerability with third parties until it has been resolved

Do not exploit the vulnerability. Only do what is necessary to demonstrate the issue

Delete any obtained data immediately after reporting

Do not carry out attacks that could affect the availability of our services

Do not use social engineering, phishing, or physical attacks

The following systems fall within the scope of our responsible disclosure policy:

*.agnci.ai

The AGNCI web platform and API

Authentication and authorization mechanisms

Vulnerabilities in third-party software that we do not manage

Denial-of-service (DoS/DDoS) attacks

Spam or social engineering

Physical security issues

Results from automated scans without proven impact

We will respond to your report within 3 business days

We will keep you informed of the progress

We will not take legal action if you follow the guidelines

We will mention your name (if you wish) as thanks for your contribution

Have you found a vulnerability? Send your findings to:

Describe the vulnerability in as much detail as possible, including steps to reproduce the issue. Use encrypted communication if possible.