ForKobo Policy

Security Disclosure Policy

Effective date: March 13, 2026

If you believe you found a security issue in a ForKobo service, please report it responsibly and give us a reasonable opportunity to review it before public disclosure.

1. How to Report

Send reports to trust@forkobo.com with the subject line Security Report.

• Describe the issue clearly.
• Include steps to reproduce, affected URLs, and screenshots where helpful.
• Do not include sensitive personal data unless strictly necessary.

2. Good-Faith Testing Expectations

• Do not exploit a vulnerability beyond what is necessary to demonstrate the issue.
• Do not access data that does not belong to you.
• Do not perform denial-of-service, destructive testing, or social-engineering attacks.
• Do not publicly disclose the issue until ForKobo has had a reasonable chance to investigate.

3. What ForKobo May Do

We may request more detail, confirm receipt, investigate internally, coordinate with vendors or partners, and decide whether and when to publish a fix or disclosure statement.

4. No Bounty Commitment

Unless ForKobo publishes a separate program in writing, this policy does not create a bug-bounty or reward obligation.