본문으로 건너뛰기
S

Security Policy

Last updated: March 9, 2026

Responsible Disclosure

We take security seriously at ScoreMyPrompt. If you discover a security vulnerability, we appreciate your help in disclosing it to us responsibly.

Reporting a Vulnerability

Please report security issues to security@scoremyprompt.com

Include as much detail as possible: steps to reproduce, impact assessment, and any proof-of-concept code.

What We Promise

  • Acknowledge receipt within 48 hours
  • Provide regular updates on our investigation
  • Credit you in our security acknowledgments (if desired)
  • Not pursue legal action for responsible disclosure

Scope

The following are in scope for security reports:

  • scoremyprompt.com and all subdomains
  • API endpoints at scoremyprompt.com/api/*
  • Authentication and authorization flows
  • Data storage and processing

Out of Scope

  • Social engineering attacks
  • Denial of service attacks
  • Issues in third-party services
  • Vulnerabilities in outdated browsers

Data Protection

ScoreMyPrompt processes prompts for analysis only. We do not permanently store prompt content for unauthenticated users. All API communications use TLS encryption. See our Privacy Policy for full details.