Security & Vulnerability Disclosure

Last updated: May 29, 2026

1. Our Commitment

We take security seriously, even as a small family platform. The safety of our users' data and the integrity of our systems matter to us. We appreciate responsible disclosure from anyone who discovers a potential vulnerability and are committed to working with the security community to keep chalklines.tv safe.

2. Reporting a Vulnerability

If you discover a security vulnerability, please report it to us responsibly. Do not open a public issue or discuss it in any public forum.

Email: security@chalklines.tv

Please include the following in your report:

  • A clear description of the vulnerability
  • Steps to reproduce the issue
  • The potential impact of the vulnerability
  • Your contact information so we can follow up

3. What We Ask

  • Give us reasonable time to investigate and fix the issue before any disclosure (we ask for 90 days)
  • Don't access or modify other users' data
  • Don't publicly disclose the vulnerability until we've had time to address it
  • Don't use automated scanning tools without prior permission

4. What We Commit To

  • Acknowledging your report within 48 hours
  • Keeping you informed of our progress toward a fix
  • Not pursuing legal action against good-faith security researchers
  • Crediting you (if desired) when we fix the issue

5. Scope

In Scope

  • The chalklines.tv website
  • API endpoints
  • Authentication system

Out of Scope

  • Third-party services (Cloudflare, Resend, etc.)
  • Social engineering attacks
  • Denial of service attacks

6. Safe Harbor

Activities conducted consistent with this policy will be considered authorized conduct. We will not initiate legal action against you for security research conducted in accordance with this policy. If legal action is initiated by a third party against you for activities conducted under this policy, we will make it known that your actions were carried out in compliance with this policy.

7. Contact

For security concerns: security@chalklines.tv

For general questions, contact the site administrator through your invite channel.