Providers
OpenAI, Anthropic, Google, Meta all have bounty programs. Payouts $500-100k+.
Advertisement
Reportable
Novel jailbreak. Data extraction. Model behavior violating stated policies. Cross-tenant leakage.
Advertisement
Not typically covered
Known jailbreaks. Overrefusal. Model 'wrong answer' unless safety-critical.
Timeline
90 days standard. Publish after fix or timeline. Coordinate with provider.