Security Policy

Cutout Magic

Reporting a Vulnerability

We take the security of Cutout Magic seriously. If you believe you have found a security vulnerability, please report it to us by emailing [email protected].

We will:

• Acknowledge receipt of your report.
• Provide an estimated timeline for resolution.
• Notify you when the vulnerability is fixed.

Disclosure Policy

We ask that you follow responsible disclosure:

• Do not disclose the vulnerability to the public or any third party until we have had a reasonable amount of time to fix it.
• Do not use the vulnerability to access or modify data that does not belong to you.
• Do not perform any activities that would disrupt our services or compromise the privacy of our users.

Scope

This policy applies to:

• The Cutout Magic website (cutoutmagic.com).
• The Cutout Magic browser extension.
• The Cutout Magic API.

Rewards

We currently do not offer a formal bug bounty program, but we greatly appreciate the help of the security community and may acknowledge your contribution (with your permission).