← Avarieux

Security disclosure

Last updated: 2026-05-10

If you found something

Avarieux, Inc. takes security seriously. If you believe you've found a vulnerability in any service we operate — including the helm app, the quotes worker, or any of the public MCP servers we maintain — please report it via one of the channels below. Don't publicly disclose until we've had a reasonable window to address it.

How to report

Safe-harbor commitment

When you report a vulnerability in good faith following this policy:

Scope

In scope:

Out of scope:

Response times

Bug bounty

We don't have a paid bounty program yet. We do offer:

A monetary bounty program is on the roadmap as we grow.

Hall of thanks

Empty for now — be the first.

Terms·Privacy·Home