Coordinated disclosure
Report a security issue. We respond within one business day and won't pursue legal action against good-faith research.
Scope
- agentics.you and any subdomain
- API endpoints at
/api/* - MCP server endpoints at
/api/mcp/* - SDKs published as
agentics(Python) and@agentics/sdk(npm)
Out of scope
- Volumetric DoS
- Social engineering of Agentics staff
- Third-party services on this list of subprocessors
- Already-fixed vulnerabilities
Submit a report