Break Our Runtime Authorization

Help us harden runtime authorization for AI agents.

Bug bounty rewards up to $10,000

Bounty Rewards

Critical
$5,000 - $10,000

Remote code execution, authentication bypass, complete memory protection bypass

High
$2,000 - $5,000

Policy bypass, audit log tampering, consensus validation bypass

Medium
$500 - $2,000

Information disclosure, partial policy bypass, rate limiting bypass

Low
$100 - $500

Minor security issues, hardening improvements, documentation gaps

In Scope

  • MCP Firewall proxy component
  • Memory checksumming implementation
  • Policy enforcement engine
  • Consensus validation system
  • Audit logging system
  • API authentication
  • Docker deployment configurations

Out of Scope

  • × Social engineering attacks
  • × Denial of Service attacks
  • × Third-party dependencies (report upstream)
  • × Physical security
  • × Spam or phishing

Ready to Hunt?

Report vulnerabilities responsibly and earn rewards while helping protect the AI ecosystem.