Break Our Runtime Authorization
Help us harden runtime authorization for AI agents.
Bug bounty rewards up to $10,000
Bounty Rewards
Critical
$5,000 - $10,000
Remote code execution, authentication bypass, complete memory protection bypass
High
$2,000 - $5,000
Policy bypass, audit log tampering, consensus validation bypass
Medium
$500 - $2,000
Information disclosure, partial policy bypass, rate limiting bypass
Low
$100 - $500
Minor security issues, hardening improvements, documentation gaps
In Scope
- MCP Firewall proxy component
- Memory checksumming implementation
- Policy enforcement engine
- Consensus validation system
- Audit logging system
- API authentication
- Docker deployment configurations
Out of Scope
- × Social engineering attacks
- × Denial of Service attacks
- × Third-party dependencies (report upstream)
- × Physical security
- × Spam or phishing
Ready to Hunt?
Report vulnerabilities responsibly and earn rewards while helping protect the AI ecosystem.