Found something? Tell us, safely.

How to report

Email security@agentetna.com with:

• A clear description of the issue and its impact (what an attacker could do with it).
• Reproduction steps — the simpler, the faster we can act.
• Any logs, request/response captures, or screenshots that would help us reproduce.
• Your name (or a handle) and how you'd like to be credited if we publish a fix.

If you'd prefer encrypted reports, ask for our PGP key in the first message and we'll send it back.

What we commit to

• Acknowledgement within 72 hours of receipt (usually faster).
• Initial triage within 5 business days — a severity assessment and the next step we plan to take.
• A remediation timeline communicated once the issue is reproduced and scoped. Critical issues are fixed first.
• Status updates as we work, and a final note when the fix is shipped.
• Public credit if you want it — with your wording, on a page we maintain — once the fix is live.

Safe harbour

We will not pursue legal action against researchers who act in good faith and follow this policy. Specifically, we won't pursue a researcher who:

• Makes a sincere effort to avoid privacy violations, service disruption, and damage to data.
• Stops testing the moment a vulnerability is confirmed and reports it promptly.
• Doesn't access more data than necessary to demonstrate the issue, and deletes any incidental copies after reporting.
• Does not publicly disclose the issue until we've shipped a fix and agreed on the timing.

If you're unsure whether a research approach is OK, ask us first at the same email — we'd rather scope something safely than find out after.

In scope

• The Agent Etna application (the simulator, the landing pages, and the APIs they consume).
• The sandbox execution layer (the throwaway VMs that run a private copy of your agent).
• The secrets-manager connectors (Render, Doppler, Vault, Infisical, AWS Secrets Manager, Google Secret Manager, Azure Key Vault).
• The .etna/ footprint we commit into customer repos (anything that touches the contract, the changelog, or the way it's written).
• Authentication flows (OAuth, session handling, API tokens).
• Anything in the agent-to-Etna or Etna-to-agent transport.

Out of scope

To keep our triage focused on what matters, the following are not eligible for safe-harbour treatment:

• Volumetric attacks (DoS / DDoS / rate-limit probing without a real impact demonstration).
• Social engineering of our team, vendors, customers, or contractors.
• Physical attacks on offices or hardware.
• Spam, mass-mail abuse, or testing against rate limits in production.
• Findings that depend solely on outdated browser versions or missing low-impact security headers without a demonstrated exploit.
• Issues in third-party services we depend on — please report those directly to the vendor (our subprocessors are listed publicly).

Coordinated disclosure

We default to coordinated disclosure: we ship a fix, then you and we publish together. We aim for a 90-day window for most issues, shorter for actively exploited ones, longer when a fix is genuinely complex — we'll always tell you the reasoning.