thebgllc.com

Vulnerability Disclosure Policy

2026-06-11 2027-06-11 security@thebgllc.com

This is a small operation — one developer, several products, real users. If you've found a security issue in something I've built, I want to know about it. I'll take your report seriously, respond promptly, and work to fix legitimate issues. I don't have a bug bounty program, but I do have a clear process and genuine appreciation for responsible disclosure.

What's covered

In scope
  • sherpod.com
  • boardfolio.app
  • fammeet.net
  • famtrust.life
  • xword.me
  • thebgllc.com
  • Subdomains of the above
Out of scope
  • Cloudflare, Vercel, Supabase
  • Third-party services
  • Parked / inactive domains
  • DoS / DDoS testing
  • Social engineering
  • Physical security
  • Automated scanner noise

How to submit a report

1
Email security@thebgllc.com
Use the subject line Security: [domain]. Plain text is fine — no need for a special template.
2
Describe what you found
Include the affected URL or endpoint, the type of vulnerability, steps to reproduce, and your assessment of impact. A proof-of-concept is helpful; a full exploit is not required.
3
Give me a chance to fix it
Please don't publicly disclose the issue until I've had a reasonable opportunity to address it — or until we've agreed on a coordinated disclosure date.

What I ask of researchers

What you can expect

There is currently no monetary bounty program. That may change as these products grow.

Good faith is protected

Security research conducted in accordance with this policy is authorized. I will not pursue legal action against researchers who discover and report vulnerabilities responsibly. If a third party initiates legal action in connection with research you've conducted under this policy, I will make clear that your actions were authorized and taken in good faith.

This policy is not a blanket authorization to probe my infrastructure. It's a commitment to fair dealing when researchers act within the guidelines above.

Get in touch

Security disclosures