From 06cf06f5018303cabf724166f3e2ee4714e013ac Mon Sep 17 00:00:00 2001
From: Liss-Bot <alicia-gh-bot@mail.as93.net>
Date: Mon, 11 May 2026 20:13:16 +0000
Subject: [PATCH] Add program: screenly.io

Co-Authored-By: Abubakar Mvunye <batamaji@users.noreply.github.com>
---
 independent-programs.yml | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/independent-programs.yml b/independent-programs.yml
index fab4845..f830cf6 100644
--- a/independent-programs.yml
+++ b/independent-programs.yml
@@ -484,6 +484,28 @@ companies:
   - '*.redvilla.tech'
   hall_of_fame_url: https://redvilla.tech/bug-bounty/
 
+- company: screenly.io
+  url: https://www.screenly.io/bug-bounty/
+  contact: mailto:security-advisory@screenly.io
+  rewards:
+  - '*recognition'
+  program_type: vdp
+  status: active
+  safe_harbor: full
+  allows_disclosure: true
+  out_of_scope:
+  - Stage and test environments that may reside on the same domains
+  - Third-party services not owned or controlled by Screenly (e.g., payment providers, CDNs)
+  - Denial-of-service or capacity stress testing
+  - Social engineering, phishing, or physical attacks against employees, customers, or partners
+  - Known public CVEs without a practical exploit path
+  - Low-impact issues listed under “Non-Qualifying Issues”
+  domains:
+  - screenly.io (marketing site)
+  - screenlyapp.com (web application)
+  - Our digital signage players (Screenly Player / Player Max only)
+  requires_account: false
+
 - company: simbase.com
   url: https://simbase.com/terms/responsible-disclosure-policy
   contact: mailto:security@simbase.com