thebgllc.com
Overview
This is a small operation — one developer, several products, real users. If you've found a security issue in something I've built, I want to know about it. I'll take your report seriously, respond promptly, and work to fix legitimate issues. I don't have a bug bounty program, but I do have a clear process and genuine appreciation for responsible disclosure.
Scope
Reporting
Security: [domain]. Plain text is fine — no need for a special template.Ground rules
My commitments
There is currently no monetary bounty program. That may change as these products grow.
Safe harbor
Security research conducted in accordance with this policy is authorized. I will not pursue legal action against researchers who discover and report vulnerabilities responsibly. If a third party initiates legal action in connection with research you've conducted under this policy, I will make clear that your actions were authorized and taken in good faith.
This policy is not a blanket authorization to probe my infrastructure. It's a commitment to fair dealing when researchers act within the guidelines above.
Contact