Trust Center
Responsible Disclosure
We welcome reports from security researchers. If you have found a vulnerability in Cossmic, please tell us before disclosing it publicly, and we will work with you to fix it.
How to report
Email security@cossmic.in with enough detail to reproduce the issue — affected URL or endpoint, steps, and impact. Machine-readable contact details are also published at /.well-known/security.txt.
Our commitment
- We will acknowledge your report promptly and keep you updated as we investigate.
- We will not pursue legal action against researchers who act in good faith under this policy.
- We will credit you once the issue is resolved, if you would like.
Please do
- Give us reasonable time to fix an issue before public disclosure.
- Only test against your own account or data — never access, modify or destroy another party's data.
- Avoid privacy violations, service disruption, and automated high-volume testing.