Avala
Security

Scope

Where to look.

In-scope targets below are eligible for bounties. Out-of-scope targets get triaged but won't pay.

In scope

Core product

  • avala.ai — Mission Control (Flutter web annotation platform)
  • api.avala.ai / server.avala.ai — Django API + MCP endpoint
  • Arcade mobile app (iOS/Android)

Customer-facing web surfaces

  • about.avala.ai — marketing site
  • docs.avala.ai — developer docs

Infrastructure

  • Publicly-exposed Avala-owned AWS / Cloudflare surfaces (ALB, S3 buckets with avala-* prefix, Lambda/Worker endpoints)
  • DNS, TLS, and email authentication misconfigurations on Avala-owned domains

SDKs & packages

  • avala (PyPI)
  • @avala-ai/sdk (npm)
  • @avala-ai/mcp-server (npm)

AI / LLM-specific

  • Prompt injection in LLM-powered endpoints
  • MCP server (server/apps/mcp/) authz bypass or SELECT-only bypass
  • Training data or model exfiltration via API
  • Indirect prompt injection via uploaded annotation data

Authentication

  • Auth0 integration flaws in our configuration
  • API key scoping (server/apps/apikey/)
  • JWT validation bugs

Out of scope

Not eligible for cash. We'll still triage and fix legitimate issues.

  • Third-party services (Auth0, Supabase, Vanta, AWS, Cloudflare, Sentry, Resend, Intercom, Stripe). Report directly to the vendor.
  • Non-production environments (dev.alala.ai, *.dev.alala.ai) unless they expose production data
  • Volumetric DoS, rate-limiting concerns without demonstrated impact
  • Social engineering, phishing, physical attacks on Avala staff or offices
  • Spam/abuse reports (account signup, email deliverability, bounce handling)
  • Missing security headers without a working exploit chain
  • Self-XSS without amplification
  • Clickjacking on pages without auth-state-changing actions
  • Open redirects without demonstrable impact
  • CSRF on unauthenticated endpoints
  • Software version disclosure without a known exploit
  • Vulnerabilities in unsupported versions (Mission Control < 1.25, Django < 4.2)
  • Theoretical issues without a working proof of concept
  • Reports generated by automated tools without manual validation

Edge case?

Email security@avala.ai before testing, or submit a report and we'll tell you.

Submit a report