
Security Policy

Last updated: May 4, 2026

TensorFeed.ai welcomes responsible disclosure of security issues. This page describes how to report a vulnerability, what is in scope, and what you can expect from us in return. The machine-readable companion to this page lives at /.well-known/security.txt and follows RFC 9116.

How to Report

Send a clear, reproducible report to security@tensorfeed.ai with a subject line beginning with [security]. Please include:

  • A short description of the issue and its impact
  • Step-by-step reproduction (URL, request payload, expected vs actual response)
  • The date you discovered it
  • Whether the issue is already public anywhere
  • How you would like to be credited, if at all

Please do not file a public GitHub issue for unpatched vulnerabilities. Use email so we can coordinate a fix and disclosure timeline together.

Scope

In scope:

  • tensorfeed.ai and any subdomain we operate
  • The Cloudflare Worker that serves /api/*
  • The @tensorfeed/mcp-server npm package
  • The tensorfeed Python and JavaScript SDKs
  • The agent payments rail (USDC on Base) where it touches our wallet, signed receipts, or stored credit balances
  • The Agent Fair-Trade Agreement implementation

Out of scope:

  • Denial of service against the live API (we already cap aggressive traffic; volumetric tests will just trip the rate limiter)
  • Findings on third-party services (Cloudflare, Resend, npm, PyPI, Base RPC providers, Hugging Face, Semantic Scholar, arXiv) that we depend on but do not operate
  • Reports from automated scanners with no proof-of-impact attached
  • Missing security headers on assets that are not user input boundaries (see CSP via public/_headers)
  • Self-XSS that requires the user to paste content into their own browser console

What to Expect

  • Acknowledgment within 72 hours of receiving your report.
  • Triage and severity assessment within 7 days, with a fix plan if the report is in scope.
  • Coordinated disclosure once a fix is deployed. Default disclosure window is 90 days from initial report; we will ask for an extension only if a fix is genuinely complex.
  • Credit in the acknowledgments section below if you would like it. We do not currently run a paid bug bounty program, but we will publicly thank you.

Safe Harbor

We will not pursue legal action against researchers who follow this policy in good faith. Specifically: do not access data that is not yours, do not modify or delete data, do not degrade service for other users, and do not retain credentials, personal data, or proprietary information. If you discover any such material inadvertently, stop testing immediately and contact us. We treat reports as confidential until a coordinated disclosure timeline is agreed.

Defenses Currently in Place

Useful context for researchers when scoping reports:

  • Prompt-injection sanitization on every agent-facing endpoint and on every MCP server tool response. See docs.
  • Per-IP rate limit (120 req/min) on free public endpoints; per-token circuit breaker (20 identical or 100 varied req/min/token) on premium.
  • Static-site security headers (CSP, HSTS preload, frame-ancestors, COEP, CORP) via public/_headers.
  • OFAC sanctions screening on every payment confirmation via the Chainalysis public API; a misconfiguration fails closed.
  • Ed25519-signed receipts on every premium response, public key at /.well-known/tensorfeed-receipt-key.json.
  • Replay protection on every USDC transaction hash (no reuse, ever).
  • Public on-chain payment rail. Every credit purchase is independently verifiable on the Base block explorer.
  • No-charge guarantees for 5xx responses, circuit-breaker trips, schema validation failures, and stale data. The public no-charge ledger records every event.
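
The per-token circuit breaker thresholds from the list above, implemented as an added JavaScript example (not TensorFeed's code). It assumes a 60-second sliding window, treats requests with the same method and URL as identical, and counts every request toward the varied limit; the name TokenCircuitBreaker is hypothetical.

```javascript
// Added illustration, not TensorFeed's implementation.
// Assumptions: 60 s sliding window per token; "identical" means the same
// method + URL; the "varied" limit counts all requests in the window.
const WINDOW_MS = 60_000;
const MAX_IDENTICAL = 20; // threshold stated in the policy
const MAX_VARIED = 100;   // threshold stated in the policy

class TokenCircuitBreaker {
  constructor() {
    // token -> [{ t, key }]. An in-memory Map is per-process only; a
    // multi-instance deployment needs shared storage for the same check.
    this.hits = new Map();
  }

  // Returns { allowed, reason }. `now` is injectable so tests are deterministic.
  check(token, method, url, now = Date.now()) {
    const key = `${method.toUpperCase()} ${url}`;
    const cutoff = now - WINDOW_MS;

    // Drop entries that have aged out of the window.
    const recent = (this.hits.get(token) || []).filter((h) => h.t > cutoff);

    const identical = recent.filter((h) => h.key === key).length;
    let reason = null;
    if (identical >= MAX_IDENTICAL) reason = "identical";
    else if (recent.length >= MAX_VARIED) reason = "varied";

    // Only admitted requests are recorded, so a tripped breaker recovers
    // as soon as older entries expire.
    if (reason === null) recent.push({ t: now, key });
    this.hits.set(token, recent);
    return { allowed: reason === null, reason };
  }
}
```
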

Pre-publication review

Before publishing v1.0 of the AFTA standard, the worker-side reference implementation went through internal code review and AI-assisted multi-model code analysis. Findings identified during this process were patched before the whitepaper went live. The commit history in the public repo carries every security-relevant change under the security(afta): prefix and is the authoritative record of what was patched and when.

A third-party human security audit will be commissioned when revenue and traffic justify the cost. Audit reports will be published here as they land.

Full disclosure policy at SECURITY.md in the repository.

Acknowledgments

We will list researchers who report valid issues here, with their permission. No entries yet. Be the first by following the reporting process above.
