Reporting Security Issues
If you discover a security vulnerability or have a security concern about TalkWriter, we want to hear from you. This page explains how to report issues responsibly.
How to Report
Email your findings to support@talkwriter.ai with the subject line "Security Report."
Include as much of the following as possible:
- A clear description of the vulnerability or concern
- Steps to reproduce the issue (if applicable)
- Potential impact
- Screenshots or proof-of-concept (if available)
What to Expect
| Step | Timeline |
|---|---|
| Acknowledgment of your report | Within 2 business days |
| Initial assessment | Within 5 business days |
| Fix deployed (if confirmed) | Depends on severity |
We take all security reports seriously and will communicate with you throughout the process.
Responsible Disclosure
We ask that security researchers:
- Do not access other users' data
- Do not disrupt the service (no DoS testing)
- Do not publicly disclose the issue until we have had a chance to address it
- Do provide enough detail for us to reproduce and fix the issue
We appreciate your help in keeping TalkWriter secure for all users.
FAQ
Is there a bug bounty program? TalkWriter does not currently operate a formal bug bounty program with cash rewards. We appreciate responsible disclosures and will credit reporters (with permission) when issues are fixed.
What kinds of issues should I report? Any security concern, including: authentication issues, data exposure, API vulnerabilities, or privacy concerns.
Can I test against my own account? Yes. You are welcome to test security using your own TalkWriter account.
Was this helpful? Let us know at support@talkwriter.ai