the/FBF← Home

Legal

Security & Vulnerability Disclosure

Last updated: June 29, 2026

We welcome good-faith reports from security researchers. This page explains how to reach us and what to expect. It is a coordinated-disclosure policy, not a contract or a bug-bounty program.

1. Reporting a vulnerability

Email security@freebatteryfactory.com with the subject line:Security Report - Free Battery Factory. Helpful reports include:

  • The affected URL, endpoint, repository, or package
  • A clear description of the issue and its potential impact
  • Steps to reproduce, or a minimal proof of concept

Do not include secrets, credentials, regulated data, protected health information, financial account numbers, or third-party confidential information in your initial report.

2. Scope

This policy covers our public-facing systems, such as:

  • The freebatteryfactory.com website and its public contact form
  • Our public source repositories and published packages
  • Other public-facing systems we operate

Third-party services we use (for example, hosting, email, or registry providers) are outside this scope — please report issues in those services to the relevant provider.

3. Good-faith research

We will not pursue or support legal action against researchers who, in good faith, follow this policy and act to avoid harm. In return, we ask that you:

  • Avoid privacy violations, data destruction, and service degradation or interruption
  • Do not run denial-of-service tests, send spam, or use social-engineering, phishing, or physical attacks
  • Do not access, modify, or retain data that is not yours; use only test data where possible
  • Give us a reasonable opportunity to investigate and remediate before public disclosure

4. No bug bounty

Free Battery Factory, LLC does not currently run a public bug bounty program and does not offer monetary rewards. We’re glad to credit researchers who report valid issues, if you’d like.

5. What to expect

We aim to acknowledge valid reports, investigate in good faith, and address confirmed issues as promptly as is reasonable for a small team. Timelines depend on severity and complexity.

6. security.txt

Our machine-readable contact details follow RFC 9116and are published at /.well-known/security.txt.

© 2026 Free Battery Factory, LLC · Philadelphia, PA

Privacy PolicyTerms of UseSecurity
← freebatteryfactory.com