Responsible Disclosure Policy

Last Updated: 2025-04-26

At The Inventor Guide, we take the security of our systems and users seriously. If you believe you’ve found a security vulnerability in any of our services, we encourage you to report it to us responsibly. This policy outlines how to do so, what to expect from us, and how we’ll work together to resolve the issue.

Our Commitment

  • We will acknowledge receipt of your report promptly.
  • We will investigate the issue thoroughly and in a timely manner.
  • We will not take legal action against individuals who report vulnerabilities in good faith and in accordance with this policy.
  • We will keep you informed throughout the remediation process and credit you publicly (if desired) once the issue is resolved.

How to Report

To report a vulnerability, please email us at security@theinventor.guide with the following information:

  • A clear description of the vulnerability
  • Steps to reproduce the issue (proof of concept is encouraged)
  • Any relevant logs, screenshots, or supporting materials
  • Your name or alias (if you’d like public recognition)

Scope

This policy covers vulnerabilities in:

  • Any domain owned by theinventor.guide
  • Applications or services operated by us
  • APIs and integrations offered by The Inventor Guide

Exclusions:
Vulnerabilities found in our merchandise store (shop.theinventor.guide) are outside our scope. That subdomain is operated by Fourthwall, and any issues related to it should be reported directly to them through their security channels or privacy policy.

Rules of Engagement

We ask that you:

  • Avoid privacy violations, data destruction, or service disruption
  • Do not access or modify data that doesn’t belong to you
  • Give us a reasonable amount of time to resolve the issue before disclosing it publicly
  • Comply with all applicable laws and regulations

Safe Harbor

We will not pursue legal action or law enforcement investigation if:

  • You comply with this policy in good faith
  • Your testing was limited to systems and scope defined above
  • You do not exploit the vulnerability beyond what is necessary to demonstrate the issue

If you have any doubt about whether your actions comply with this policy, contact us before proceeding.

Thank You

We deeply appreciate the work of security researchers and ethical hackers who help keep our platform safe. If your report leads to a significant fix, we may offer a small thank-you.