- Bugs you created yourself
- Bugs in upstream projects (Scratch, TurboWarp, etc.) Please report these to the respective projects.
- Joke emails - do not send us emails like this, or else you may be blacklisted
- Bugs in extensions without the
Is-ampmodheader in their metadata - report these to TurboWarp.
Do not publicly report vulnerabilities on the AmpMod forums, wiki, comment sections, or repositories. You may be banned on the respective sites for doing so.
If you have discovered a security vulnerability in AmpMod, please contact: ampelectrecuted, at gmail, dot com. The subject should start with “AMPMOD SECURITY:“.
If you do not receive a response within 48 hours, please post in the Bugs and Glitches section of the AmpMod forums, stating that you have sent an email. Do not post the details of the vulnerability publicly. In addition, ping @amp in your post.
We do not have a bug bounty programme. However, we will acknowledge your contribution in the AmpMod credits if you wish.
Thank you!