Avala
Security

Rewards

What we pay.

Rewards scale with the surface you hit and the impact you prove. Top-of-band is the ceiling; quality and novelty multipliers can add up to +50%.

A note on our stage

Avala is a pre-Series-A startup, and our bounty amounts reflect that. We've sized rewards to what we can sustainably pay today while still recognizing serious work. As the company grows and our security budget grows with it, we plan to raise these tiers meaningfully — and to backfill bonus payments for researchers who helped us in the early days. If you choose to work with us now, thank you. We'll remember it.

Monthly bounty pool is currently capped at $5,000 aggregate. Reports past the cap are still triaged and fixed on SLA — payment is queued to the next month, in order received.

Attack surfaces & max reward

Max payout per surface. The examples column shows what earns top-of-band. Lower-impact variants still pay, just less.

Surface | Example qualifying findings | Max reward

Mission Control (avala.ai)
Flutter web annotation platform. Customer workspaces, datasets, annotations.
  • Cross-tenant data access
  • Authentication or authorization bypass
  • Account takeover
  • Stored XSS with session or data impact
Max reward: $1,500

API / MCP endpoint (api.avala.ai)
Django REST API + read-only MCP server that AI agents query.
  • Auth bypass or privilege escalation
  • MCP SELECT-only bypass (INSERT / UPDATE / DELETE via the MCP surface)
  • SQL injection, command injection, SSRF
  • Unauthenticated access to customer data or PII
Max reward: $2,500

AI / LLM endpoints
LLM-powered features: annotation review, MCP query planning, agent integrations.
  • Prompt injection that exfiltrates customer data
  • Indirect prompt injection via uploaded annotations
  • Training-data or model exfiltration via the API
  • Agent-chain authz bypass (MCP role confusion)
Max reward: $2,500

SDKs & packages
Published npm + PyPI packages that customers run inside their own code.
avala (PyPI), @avala-ai/sdk (npm), @avala-ai/mcp-server (npm)
  • Supply-chain injection (malicious dep, typosquat we missed)
  • Credential exfiltration from SDK internals
  • RCE in parser / serializer / client
Max reward: $2,500

Mobile app (Arcade)
iOS + Android Flutter app used by annotators in the field.
  • Deep-link hijack with session impact
  • Insecure storage of auth tokens
  • Offline-cache bypass of server-side authz
Max reward: $750

Customer-facing web surfaces
about.avala.ai, docs.avala.ai.
  • Stored XSS on docs.avala.ai
  • Admin-route exposure on any listed subdomain
Max reward: $750

Infrastructure (AWS, Cloudflare, DNS, TLS)
Publicly-exposed Avala-owned cloud surfaces.
  • Subdomain takeover on any *.avala.ai we own
  • Public S3 bucket with customer data (avala-* prefix)
  • Misconfigured Lambda / Worker endpoint returning internal state
  • Certificate or email-auth (SPF/DKIM/DMARC) spoofing primitives
Max reward: $750

Authentication (Auth0 integration)
How we wire Auth0, not Auth0 itself (report Auth0 bugs to Auth0).
  • JWT validation bug in our middleware
  • API-key scoping flaw (server/apps/apikey/)
  • Session-fixation or re-use across tenants
Max reward: $1,500

Severity reference

If your finding doesn't map cleanly to one surface, it is priced off this CVSS v3.1 tier map. These are also the bands each surface's payouts are anchored against.

Severity | CVSS v3.1 | Cash
Informational / Low | < 4.0 | $25
Medium | 4.0 – 6.9 | $100 – $150
High | 7.0 – 8.9 | $250 – $500
Critical | 9.0 – 10.0 | $500 – $1,500
Exceptional chain / broad impact | n/a | Discretionary bonus

CVSS calculator: first.org/cvss/calculator/3.1

Multipliers

+25% quality bonus

Repro steps, impact analysis, and suggested fix in your first submission.

+25% novel class

First AI/LLM-specific finding of its kind on our platform, or a genuinely new vulnerability class.

First-to-report

The first valid report for a given issue gets the bounty. Duplicates are credited (including in any CVE we publish for the issue) but receive no cash.

Not rewarded

  • Reports using real customer data (even in the PoC). Test against your own test account instead.
  • Reports that caused service disruption.
  • Reports from individuals located in sanctioned countries (OFAC restrictions).
  • Reports from current Avala employees, contractors, or their immediate family members.

Payment & tax

How we pay

  • Method: PayPal (all researchers, all countries)
  • Timing: within 30 days of the bounty decision
  • Currency: USD unless otherwise agreed

Tax forms

  • US: W-9 required before first payout. 1099-NEC issued if you receive $600+ in a calendar year.
  • International: W-8BEN required before first payout.
  • Tax forms are uploaded securely through your researcher profile.
  • Bounty income is reportable on your own tax return per your country's rules.

Questions about rewards?

Read the FAQ