Providers

OpenAI, Anthropic, Google, Meta all have bounty programs. Payouts $500-100k+.

Advertisement

Reportable

Novel jailbreak. Data extraction. Model behavior violating stated policies. Cross-tenant leakage.

Advertisement

Not typically covered

Known jailbreaks. Overrefusal. Model 'wrong answer' unless safety-critical.

Timeline

90 days standard. Publish after fix or timeline. Coordinate with provider.