Awesome-omni-skill responsible-disclosure
Ethical vulnerability reporting, coordinated disclosure, and bug bounty participation for AI systems
install
source · Clone the upstream repo
git clone https://github.com/diegosouzapw/awesome-omni-skill
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/diegosouzapw/awesome-omni-skill "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/data-ai/responsible-disclosure-pluginagentmarketplace" ~/.claude/skills/diegosouzapw-awesome-omni-skill-responsible-disclosure && rm -rf "$T"
manifest:
skills/data-ai/responsible-disclosure-pluginagentmarketplace/SKILL.mdsource content
Responsible Disclosure
Practice ethical vulnerability reporting through coordinated disclosure and bug bounty programs.
Quick Reference
Skill: responsible-disclosure Agent: 01-red-team-lead OWASP: Full LLM Top 10 Coverage NIST: Govern, Manage Use Case: Ethical vulnerability reporting
Disclosure Framework
┌────────────────────────────────────────────────────────────────────┐ │ RESPONSIBLE DISCLOSURE LIFECYCLE │ ├────────────────────────────────────────────────────────────────────┤ │ │ │ [Discovery] → [Verification] → [Documentation] → [Initial Contact]│ │ ↓ ↓ ↓ ↓ │ │ Find issue Reproduce Full report Contact vendor │ │ in isolation with POC security team │ │ │ │ [Coordination] → [Remediation] → [Verification] → [Disclosure] │ │ ↓ ↓ ↓ ↓ │ │ Work with Vendor Confirm fix Publish after │ │ vendor develops fix is effective patch available │ │ │ └────────────────────────────────────────────────────────────────────┘
Disclosure Types
Coordinated Disclosure (Recommended)
class CoordinatedDisclosure: """Standard coordinated disclosure process.""" STANDARD_TIMELINE = 90 # days def __init__(self, vulnerability: Vulnerability): self.vulnerability = vulnerability self.timeline = self._calculate_timeline() self.communications = [] def _calculate_timeline(self) -> DisclosureTimeline: """Calculate disclosure timeline based on severity.""" base_days = self.STANDARD_TIMELINE # Adjust for severity if self.vulnerability.severity == "CRITICAL": # Faster timeline for critical issues return DisclosureTimeline( initial_report=0, vendor_response=7, fix_development=30, patch_release=45, public_disclosure=60 ) elif self.vulnerability.severity == "HIGH": return DisclosureTimeline( initial_report=0, vendor_response=7, fix_development=45, patch_release=75, public_disclosure=90 ) else: return DisclosureTimeline( initial_report=0, vendor_response=14, fix_development=60, patch_release=90, public_disclosure=120 ) def execute(self): """Execute coordinated disclosure process.""" # Phase 1: Initial Contact self._send_initial_report() # Phase 2: Coordination self._coordinate_with_vendor() # Phase 3: Verification self._verify_patch() # Phase 4: Public Disclosure self._public_disclosure()
Disclosure Timeline
Standard Timeline (90 days): Day 0: action: "Send initial report to vendor" method: "Encrypted email to security@vendor.com" include: - Vulnerability summary - Impact assessment - Reproduction steps - Suggested timeline Day 7: action: "Expect acknowledgment" if_no_response: - Send follow-up email - Try alternative contacts - Consider CERT coordination Day 30: action: "Status check" expect: - Vulnerability confirmed - Fix in development - Estimated patch date Day 60: action: "Pre-disclosure coordination" tasks: - Agree on disclosure date - Coordinate CVE assignment - Prepare public advisory Day 90: action: "Public disclosure" publish: - Technical advisory - CVE details - Vendor credit channels: - Personal blog - Full disclosure lists - Security conferences
Bug Bounty Programs
Major AI Company Programs
OpenAI: program_type: "Private (HackerOne)" scope: - ChatGPT vulnerabilities - API security issues - Model safety bypasses - Plugin security out_of_scope: - Jailbreaks (separate program) - Known limitations - Social engineering rewards: critical: "$10,000 - $20,000" high: "$5,000 - $10,000" medium: "$1,000 - $5,000" low: "$200 - $1,000" response_time: "< 5 business days" Anthropic: program_type: "Private (Direct)" scope: - Claude security vulnerabilities - API misuse vectors - Safety system bypasses contact: "security@anthropic.com" rewards: "Case by case" note: "Focus on novel, impactful issues" Google (Bard/Gemini): program_type: "Public (Google VRP)" scope: - Bard/Gemini vulnerabilities - AI Studio security - Model extraction risks rewards: critical: "$10,000 - $31,337" high: "$5,000 - $10,000" medium: "$1,000 - $5,000" url: "https://bughunters.google.com/" Microsoft (Azure AI): program_type: "Public (MSRC)" scope: - Azure OpenAI Service - Cognitive Services - ML infrastructure rewards: critical: "$15,000 - $26,000" high: "$5,000 - $15,000" medium: "$1,000 - $5,000" url: "https://www.microsoft.com/msrc" Meta (Llama): program_type: "Public (Meta Bug Bounty)" scope: - Llama model vulnerabilities - Meta AI products - API security rewards: minimum: "$500" maximum: "$100,000+" url: "https://www.facebook.com/whitehat"
Bug Bounty Platforms
class BugBountyPlatforms: """Major bug bounty platforms with AI programs.""" PLATFORMS = { "HackerOne": { "url": "https://hackerone.com/", "ai_programs": [ "OpenAI", "Anthropic", "Stability AI", "Character.ai" ], "features": [ "Managed disclosure", "Reputation system", "Payment handling" ], "researcher_fee": "None" }, "Bugcrowd": { "url": "https://bugcrowd.com/", "ai_programs": [ "Various startups", "Enterprise AI" ], "features": [ "Crowdsourced testing", "Skills-based matching", "Training resources" ], "researcher_fee": "None" }, "Intigriti": { "url": "https://intigriti.com/", "ai_programs": [ "European AI companies" ], "features": [ "GDPR compliant", "European focus" ], "researcher_fee": "None" } }
Vulnerability Report Template
class VulnerabilityReport: """Professional vulnerability report template.""" TEMPLATE = """ # AI Security Vulnerability Report ## Metadata - **Report ID:** {report_id} - **Date:** {date} - **Researcher:** {researcher_name} - **Contact:** {contact_info} ## Executive Summary **Title:** {title} **Severity:** {severity} **CVSS Score:** {cvss_score} **CVSS Vector:** {cvss_vector} **Category:** {category} **OWASP LLM:** {owasp_mapping} ## Vulnerability Details ### Description {description} ### Affected Systems - **Product:** {product} - **Version:** {version} - **Component:** {component} - **Environment:** {environment} ### Impact Assessment #### Confidentiality Impact {confidentiality_impact} #### Integrity Impact {integrity_impact} #### Availability Impact {availability_impact} #### Business Impact {business_impact} ## Reproduction Steps ### Prerequisites {prerequisites} ### Step-by-Step Instructions {reproduction_steps} ### Proof of Concept
{poc_code}
### Expected vs Actual Behavior - **Expected:** {expected_behavior} - **Actual:** {actual_behavior} ## Evidence ### Screenshots {screenshots} ### Logs
{logs}
### Video Demonstration {video_link} ## Suggested Remediation ### Immediate Actions {immediate_actions} ### Long-term Fix {long_term_fix} ### Recommended Timeline {remediation_timeline} ## Additional Information ### Related CVEs {related_cves} ### References {references} ### Disclosure Timeline | Date | Action | |------|--------| {timeline_table} --- **PGP Key:** {pgp_key} **Encrypted Communication Preferred** """ def generate(self, vulnerability_data: dict) -> str: """Generate formatted vulnerability report.""" return self.TEMPLATE.format(**vulnerability_data)
Ethical Guidelines
Research Ethics
DO: Authorization: - Get written permission when possible - Use official bug bounty programs - Respect scope limitations - Document authorization Minimization: - Access only necessary data - Don't exfiltrate real user data - Stop after proving the issue - Clean up test artifacts Reporting: - Report promptly after discovery - Provide complete reproduction steps - Suggest remediation - Maintain confidentiality Professionalism: - Communicate respectfully - Be patient with vendors - Credit collaborators - Follow disclosure timelines DON'T: Exploitation: - Access data beyond POC needs - Pivot to other systems - Maintain persistent access - Use vulnerabilities for profit Disclosure: - Disclose before patch (usually) - Threaten or extort vendors - Sell vulnerabilities (usually) - Publish user data Testing: - Disrupt production services - Test without authorization - Social engineer employees - Physical intrusion
Legal Framework
class LegalConsiderations: """Legal framework for security research.""" SAFE_HARBOR_POLICIES = { "US": { "primary_law": "Computer Fraud and Abuse Act (CFAA)", "safe_harbor": [ "Bug bounty program terms", "DOJ Policy for Good Faith Research (2022)", "Authorized testing agreements" ], "risks": [ "CFAA prosecution if unauthorized", "Civil liability possible" ], "recommendations": [ "Stay within program scope", "Document authorization", "Consult lawyer if uncertain" ] }, "EU": { "primary_law": "Various national laws", "safe_harbor": [ "Coordinated disclosure frameworks", "NIS2 Directive provisions" ], "considerations": [ "GDPR for any data accessed", "National cybercrime laws vary" ] }, "UK": { "primary_law": "Computer Misuse Act 1990", "safe_harbor": [ "CMA prosecution guidance", "Good faith research guidance" ], "recommendations": [ "Follow NCSC guidance", "Use authorized programs" ] } } @staticmethod def assess_legal_risk(jurisdiction: str, research_type: str) -> LegalAssessment: """Assess legal risk for security research.""" framework = LegalConsiderations.SAFE_HARBOR_POLICIES.get(jurisdiction) return LegalAssessment( jurisdiction=jurisdiction, safe_harbor_available=bool(framework.get("safe_harbor")), recommendations=framework.get("recommendations", []), risks=framework.get("risks", []), advice="Always seek legal counsel for novel research" )
Communication Templates
Initial Contact
Subject: Security Vulnerability Report - [Product Name] Dear Security Team, I am a security researcher and I have discovered a vulnerability in [Product Name] that I would like to report through coordinated disclosure. **Summary:** - Type: [Vulnerability Type] - Severity: [Critical/High/Medium/Low] - Impact: [Brief impact description] I am committed to working with you to ensure this issue is resolved before any public disclosure. My suggested timeline is [X] days, but I am flexible based on the complexity of the fix. I have attached a detailed report with reproduction steps. Please confirm receipt and let me know the best way to proceed. I am available via encrypted email (PGP key attached) or through [HackerOne/Bugcrowd/Signal]. Best regards, [Your Name] [Contact Information] [PGP Fingerprint]
Follow-up (No Response)
Subject: Follow-up: Security Vulnerability Report - [Product Name] Dear Security Team, I am following up on my vulnerability report sent on [Date]. I have not received acknowledgment and want to ensure the report was received. The vulnerability is [severity level] and affects [scope]. I remain committed to coordinated disclosure but need to establish communication. If you are not the correct contact, please forward this to the appropriate team or provide an alternative contact. Timeline: [X] days remaining before disclosure deadline. Best regards, [Your Name]
Severity Assessment
AI-Specific Severity Guidelines: CRITICAL: examples: - "Complete safety bypass enabling harmful content at scale" - "Training data extraction with PII" - "Remote code execution via model" - "Authentication bypass to model" cvss_range: "9.0-10.0" disclosure_timeline: "45-60 days" HIGH: examples: - "Consistent jailbreak bypass" - "System prompt extraction" - "Significant model theft risk" - "Privilege escalation in agents" cvss_range: "7.0-8.9" disclosure_timeline: "60-90 days" MEDIUM: examples: - "Partial information disclosure" - "Rate limiting bypass" - "Inconsistent safety bypass" - "Minor model manipulation" cvss_range: "4.0-6.9" disclosure_timeline: "90-120 days" LOW: examples: - "Verbose error messages" - "Minor configuration issues" - "Theoretical attacks only" cvss_range: "0.1-3.9" disclosure_timeline: "120+ days"
Troubleshooting
Issue: Vendor not responding Solution: Try CERT/CC, alternative contacts, consider full disclosure timeline Issue: Vendor disputes severity Solution: Provide additional evidence, reference CVSS/OWASP, seek third-party opinion Issue: Vendor requests extended timeline Solution: Consider impact, negotiate reasonable extension, document agreement Issue: Legal threats received Solution: Consult lawyer, document good faith efforts, contact EFF if needed
Integration Points
| Component | Purpose |
|---|---|
| Agent 01 | Disclosure guidance |
| /report | Report generation |
| HackerOne | Bug bounty submission |
| Legal counsel | Risk assessment |
Practice ethical AI security research through responsible disclosure.