SkyDeck.ai Docs
Sign UpAdmin Sign InContact Us
English
English
  • SkyDeck.ai
  • GenStudio Workspace
    • Conversations
    • SkyDeck AI Helper App
    • Document Upload
    • Sharing and Collaboration
    • Slack Synchronization
    • Public Snapshots
    • Web Browsing
    • Tools
      • Pair Programmer
        • How to Use
        • Example – Python Script Assistance
      • SQL Assistant
        • How to Use
        • Example – Query Debugging
      • Legal Agreement Review
        • How to Use
        • Example – NDA Clause
      • Teach Me Anything
        • How to Use
        • Example – Intro to Programming
      • Strategy Consultant
        • How to Use
        • Example – Employee Retention
      • Image Generator
        • How to Use
        • Example – Winter Wonderland
    • Data Security
      • Data Loss Prevention
  • Control Center
    • Admin & Owner Tools
    • Setup Guide
      • Set Up Account
      • Set Up Integrations
        • Integration Assistance
      • Set Up Security
        • Authentication (SSO)
      • Organize Teams
        • Add New Group
        • Remove Groups
      • Curate Tools
        • System Tools
        • Assign Tags
      • Manage Members
        • Add Members
        • Import File
        • Invite Members
        • Edit Members
    • Billing
      • Free Trial
      • Buy Credit
      • Plans and Upgrades
      • Model Usage Prices
  • Integrations
    • LLMs and Databases
      • Anthropic Integration
      • Database Integration
      • Groq Integration
      • HuggingFace Integration
      • Mistral Integration
      • OpenAI Integration
      • Perplexity Integration
      • Together AI Integration
      • Vertex AI Integration
    • App Integrations
      • Rememberizer Integration
      • Slack Integration
  • Developers
    • Develop Your Own Tools
      • JSON format for Tools
      • JSON Format for LLM Tools
      • Example: Text-based UI Generator
      • JSON Format for Smart Tools
  • Use Cases
    • Creating a Privacy Policy
  • Notices
    • Terms of Use
    • Privacy Policy
    • Cookie Notice
  • Releases
    • May 9th, 2025
    • May 2nd, 2025
    • Apr 25th, 2025
    • Apr 18th, 2025
    • Apr 11th, 2025
    • Apr 4th, 2025
    • Mar 28th, 2025
    • Mar 21st, 2025
    • Mar 14th, 2025
    • Mar 7th, 2025
    • Feb 28th, 2025
    • Feb 21st, 2025
    • Feb 14th, 2025
    • Feb 7th, 2025
    • Jan 31st, 2025
    • Jan 24th, 2025
    • Jan 17th, 2025
    • Jan 10th, 2025
    • Jan 3rd, 2025
    • Dec 27th, 2024
    • Dec 20th, 2024
    • Dec 13th, 2024
    • Dec 6th, 2024
    • Nov 29th, 2024
    • Nov 22nd, 2024
    • Nov 15th, 2024
    • Nov 8th, 2024
    • Nov 1st, 2024
    • Oct 25th, 2024
    • Oct 18th, 2024
    • Oct 11th, 2024
    • Oct 4th, 2024
    • Sep 27th, 2024
    • Sep 20th, 2024
    • Sep 13th, 2024
    • Sep 6th, 2024
    • Aug 23rd, 2024
    • Aug 16th, 2024
    • Aug 9th, 2024
    • Aug 2nd, 2024
    • Jul 26th, 2024
    • Jul 12th, 2024
    • Jul 5th, 2024
    • Jun 28th, 2024
    • Jun 21st, 2024
    • Nov 12th 2023
    • Nov 6th 2023
    • Oct 30th 2023
    • Oct 23th 2023
    • Oct 16th 2023
    • Sep 18th 2023
    • Sep 8th 2023
  • Security
    • SkyDeck.ai Security Practices
    • Bug Bounty Program
  • AI Documentation
    • LLM Evaluation Report
    • SkyDeck.ai LLM Ready Documentation
Powered by GitBook
On this page
  • Introduction
  • Scope
  • Out of Scope
  • Eligible Vulnerabilities
  • Ineligible Vulnerabilities
  • Reporting a Vulnerability
  • Reward
  • Rules
  • Legal
  1. Security

Bug Bounty Program

Introduction

SkyDeck.ai is committed to ensuring the security and integrity of our platform. We understand the important role that independent security researchers play in maintaining the security of our platform. We encourage security researchers to examine and test our platform and report any vulnerabilities they may find. In recognition of their efforts, we provide a bug bounty program.

Scope

The scope of our bug bounty program is limited to vulnerabilities in SkyDeck.ai's platform and services available from the SkyDeck.ai domain. The scope includes all the features, functionalities, and tools mentioned on our website such as the AI Control Center, GenStudio, and any other services hosted on our domain.

Out of Scope

Any third-party websites, services, or platforms linked from our website are not in the scope of this program. Additionally, any physical attempts to compromise our system or social engineering attempts are also out of the scope.

Eligible Vulnerabilities

The following categories of vulnerabilities are eligible for our bug bounty program:

  • Remote Code Execution (RCE)

  • SQL Injection

  • Cross-site Scripting (XSS)

  • Cross-Site Request Forgery (CSRF)

  • Server-side Request Forgery (SSRF)

  • Insecure Direct Object References (IDOR)

  • Authorization issues

  • Information disclosure issues

Ineligible Vulnerabilities

The following categories of vulnerabilities are not eligible for our bug bounty program:

  • Denial of Service (DoS / DDoS) vulnerabilities

  • Spamming

  • Clickjacking on pages with no sensitive actions

  • Unconfirmed reports from automated vulnerability scanners

  • Issues related to software or protocols not under SkyDeck.ai's control

Reporting a Vulnerability

To report a vulnerability, please send an email to security@skydeck.ai with the following information:

  • Detailed steps to reproduce the vulnerability

  • The potential impact of the vulnerability

  • Any potential mitigations or fixes for the vulnerability

  • Your contact information

Reward

We offer a reward of $20 to $100 for vulnerabilities, depending on severity and impact. We determine the exact amount on a case-by-case basis.

Rules

  • You must not violate the privacy of any user data, disrupt our services, or cause harm to our users or systems.

  • You must not disclose the vulnerability to anyone else until we've had a reasonable amount of time to fix it.

  • You must be the first person to report the vulnerability to be eligible for a reward.

Legal

By participating in the bug bounty program, you agree to comply with all applicable laws and regulations. You also agree not to exploit any vulnerability you discover for any purpose other than reporting it to us.

Last updated 11 days ago