Security

Last updated: May 24, 2026

We take Promptobi's security seriously. If you discover a vulnerability, please report it to us responsibly before making it public.

Report a vulnerability

Email us with as much detail as possible: description of the issue, steps to reproduce, and potential impact. We will confirm receipt within 72 hours.

Contact: schmuklert@gmail.com

Responsible disclosure

Please do not publicly disclose findings until we have had a reasonable chance to review and fix them (typically 90 days). We will keep you updated on progress.

Scope

In scope:

• promptobi.com and subdomains
• The Promptobi web application
• The backend and API

Out of scope:

• Brute-force or denial-of-service attacks
• Social engineering of employees or users
• Spam or informational configuration reports with no demonstrable impact
• Tests that require accessing other users' data

Acknowledgements

We reserve this section to publicly thank researchers who report vulnerabilities responsibly. If you would like to be credited, please mention it in your report. With thanks to:

• Syed Khurram Shoaib
• Syed Wahab Shah