If you’ve found a security issue in the Soundcheck Insights platform, we want to know. This page explains how to tell us, what we promise back, and the safe-harbor we extend to good-faith researchers.
Last updated · June 2026 · paired with /.well-known/security.txt
Email info@soundcheckinsights.com with the subject line Security report. Include:
If you’re acting in good faith — meaning you discover and report an issue without harming our customers, our data, or the platform’s availability — we will not pursue legal action against you under the Computer Fraud and Abuse Act, the Florida Computer Crimes Act, our Terms of Service, or any other applicable statute or contractual claim.
Specifically, we authorize good-faith research that:
In scope: soundcheckinsights.com (marketing), soundcheck.report (platform), and the public share URLs at /share/dashboard/[slug] and /share/research/[slug]. Any Soundcheck-authored API endpoint or webhook handler is in scope.
Out of scope: findings on our sub-processors (Clerk, Vercel, Neon, Anthropic, Inngest, Tavily, Telegram) should go directly to those providers’ security teams. Cosmetic issues (typos, broken non-security links), self-XSS that requires the victim to paste code into their own console, and social engineering of Soundcheck staff are out of scope.
No researchers acknowledged yet. If you’d like to be the first, the inbox is info@soundcheckinsights.com.
Soundcheck Insights LLC · Florida, United States · © 2026