Report form
Send an abuse report to VaultProof.
This form opens your email client with the details you provide. If the form does not open correctly, email [email protected] directly.
Good reports
Useful details help us act faster.
We can investigate more quickly when the report connects the suspected abuse to a concrete token, provider, account, request pattern, domain, or time window.
Identifiers
Include safe prefixes, request IDs, provider names, dashboard project names, URLs, timestamps, and account emails when you can share them.
Evidence
Share logs, screenshots, provider notices, billing alerts, repository links, scanner findings, or incident tickets that support the report.
Impact
Tell us whether there is active misuse, unexpected spend, exposed credentials, spam, fraud, denied service, or harm to users.
Safe handling
Redact full secrets, passwords, tokens, private prompts, and customer data. Prefixes and hashes are usually enough for triage.
Urgent steps
If a provider key is exposed, rotate it at the provider.
VaultProof can help reduce where provider keys live, but a provider key that has already leaked should still be rotated or revoked with the upstream provider.
-
1
Revoke or rotate the raw provider key
Use the provider dashboard first so the exposed credential stops working outside VaultProof.
-
2
Check application and hosting environments
Remove the old key from repos, CI variables, hosting settings, local env files, logs, and copied snippets.
-
3
Send VaultProof evidence
Email token prefixes, request IDs, timestamps, affected routes, and account details so we can review platform activity.
Scope
Use the abuse channel for harmful or unauthorized activity.
The abuse inbox is for reports that require investigation, enforcement, provider coordination, or evidence preservation.
- Stolen, leaked, scraped, or unauthorized provider keys connected to VaultProof.
- VaultProof tokens or accounts being used without authorization.
- Spam, fraud, malware, credential stuffing, denial-of-service activity, or illegal content routed through VaultProof.
- Attempts to bypass plan limits, rate limits, billing controls, abuse controls, or security boundaries.
- Security researcher reports that involve real abuse, exposed credentials, or active user risk.
For product bugs or setup help, use Docs or contact [email protected]. For vulnerability disclosure, use [email protected].
Review process
We review, preserve evidence, and take proportionate action.
Every report is reviewed for credibility, severity, user impact, and connection to VaultProof systems.
| Step | What we do | Possible outcome |
|---|---|---|
| Triage | Review the report, evidence, affected services, and urgency. | Prioritize active abuse, exposed keys, fraud, and safety issues. |
| Investigation | Check relevant account, token, routing, usage, and error metadata where available. | Confirm, reject, or request more information. |
| Action | Apply controls that fit the evidence and risk. | Throttle, revoke, suspend, block, notify, or escalate as appropriate. |
| Follow-up | Share what we can without exposing private account, security, or investigation details. | Close the report or continue monitoring. |
Reporter privacy
We keep abuse reports limited to people who need them.
We use report information to investigate, secure the service, enforce our Terms, comply with law, and communicate with the reporter when appropriate.
We may preserve or disclose information if required by law, necessary to protect users or providers, or needed to investigate and stop abuse. Personal data is handled under the Privacy Policy.
Contact
Use the right inbox for the fastest response.
Abuse reports go to [email protected]. Vulnerability reports go to [email protected]. Product and onboarding questions go to [email protected].