Responsible disclosure

Found a security issue in the Hi Human platform? Send it our way. We acknowledge within 24 hours and respond within 2 working days. We will never pursue legal action against good-faith researchers who comply with this policy.

Quick policy

  • Test only on accounts you control. Do not access other tenants' data.
  • Do not run automated DoS or load-testing against production.
  • Give us reasonable time to fix before public disclosure (typically 90 days).
  • Encrypt sensitive details with our PGP key (fingerprint published on request — email security@hihumanai.com).

We use this only to acknowledge receipt and ask follow-up questions.

0 / 20,000 characters

By submitting, you agree to the disclosure policy above.

Prefer to email? Send to security@hihumanai.com. The form below is just a convenience.