Security Policy for Prime Intellect AI

Scope and Authorization

Prime Intellect AI welcomes security vulnerability reports regarding our public-facing infrastructure, including our website and API endpoints at *.primeintellect.ai. Security researchers must conduct testing in a manner that does not disrupt service availability or compromise customer data integrity.

Vulnerability Reporting Process

To submit a security vulnerability report:

IMPORTANT: We only accept and respond to vulnerability reports submitted via email to security@primeintellect.ai. Reports submitted through other channels (including but not limited to Telegram, Discord, social media, or personal email addresses) will not be considered valid submissions and are not eligible for rewards or acknowledgment. For encrypted communications, please use our PGP key available at https://primeintellect.ai/security.

Security Contact Information

Our security contact information and PGP public key for encrypted communications are available at https://primeintellect.ai/security. We encourage researchers to use PGP encryption when sharing sensitive vulnerability details.

Our Commitment

Prime Intellect AI is committed to:

Prohibited Testing Activities

The following activities are expressly prohibited:

Resolution Timeframes

We strive to address security vulnerabilities according to the following timeframes:

Vulnerability Rewards

Prime Intellect AI provides compensation for valid security vulnerability reports. Reward amounts are determined based on:

We evaluate each submission individually. Final reward determinations are at the discretion of our security team.

Eligibility for Rewards

To be eligible for compensation:

Prime Intellect AI values the security research community's contributions to maintaining the integrity and security of our systems. Thank you for your commitment to responsible disclosure practices.

Identity Verification and Payment Process

Prime Intellect AI reserves the right to conduct Know Your Customer (KYC) verification for all reward recipients. This process helps us:

To receive payment, you may be required to provide:

All personal information collected during this process will be handled in accordance with our Privacy Policy and applicable data protection laws.