Skip to content

Add program: kindo.ai #73

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
lissy93 merged 1 commit into from
May 18, 2026
Merged

Add program: kindo.ai #73

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
37 changes: 37 additions & 0 deletions independent-programs.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -436,6 +436,43 @@ companies:
low: 48
requires_account: false

- company: kindo.ai
url: https://www.kindo.ai/vulnerability-disclosure-program
contact: mailto:bugs@kindo.ai
rewards:
- '*bounty'
- '*recognition'
- '*swag'
program_type: vdp
status: active
safe_harbor: full
description: Kindo welcomes responsible security research and appreciates reports that help keep our systems and customers safe. If you believe you’ve found a security issue, please report it privately and we’ll work with you to investigate and remediate.
out_of_scope:
- 'The following are explicitly excluded from this VDP:'
- Internal systems not accessible from the internet.
- Systems of third-party vendors or partners.
- Physical security vulnerabilities (e.g., building access).
- Denial of Service (DoS) vulnerabilities. While we appreciate reports of potential DoS vulnerabilities, we ask that researchers refrain from testing them against our systems.
- Social engineering attacks (e.g., phishing).
- Vulnerabilities in third-party libraries or frameworks unless they are uniquely exploitable in our implementation.
domains:
- 'This VDP applies to all internet-facing systems and applications owned or operated by Kindo.ai, including:'
- Kindo web properties
- 'Including kindo.ai, app.kindo.ai, and all related subdomains: This includes the main corporate website, customer portal, and any related web applications.'
- Deep Hat web properties
- Including deephat.ai, app.deephat.ai, and all related subdomains.
- API interfaces
- This includes all publicly accessible APIs.
- Acquired companies and related companies
- Unless otherwise stated, this VDP also applies to systems and applications of companies acquired or owned by Kindo.ai.
min_payout: 50
max_payout: 1000
currency: USD
payout_table:
critical: 1000
high: 500
medium: 150

- company: mintlify.com
url: https://www.mintlify.com/security/responsible-disclosure
contact: mailto:security@mintlify.com
Expand Down