Trust & Compliance
Responsible Disclosure
Coordinated vulnerability disclosure with safe harbor boundaries for good-faith research.
Purpose
UmamiMind supports coordinated vulnerability disclosure and encourages responsible security research that improves platform safety.
How to report
- Submit a report via the designated disclosure channel
- Include affected component, impact, and reproduction steps
- Avoid public disclosure prior to remediation
- Use non-destructive proof-of-concept only
Safe harbor
UmamiMind will not pursue legal action against researchers who act in good faith, follow this policy, avoid data access or disruption, and coordinate disclosure timing.
Prohibited activities
- Accessing or modifying customer data
- Denial-of-service attacks
- Social engineering or phishing
- Automated scanning that degrades service
- Public disclosure without coordination
Pilot-stage notice
This policy reflects pilot-stage operations and may evolve as UmamiMind transitions toward General Availability.