Skip to content
OLYDI
Get startedHow it worksSee a fixPricingCompareDocsBlogSecurity
Install GitHub App
Menu
Get startedHow it worksSee a fixPricingCompareDocsBlogSecurityInstall GitHub App

Responsible disclosure

Report security issues to security@olydi.com.

This policy covers the public marketing site and, when launched, OLYDI-hosted product surfaces. Do not test customer repositories, third-party accounts, or data you do not own.

Safe harbor

Good-faith reports that avoid data exfiltration, service disruption, persistence, and social engineering will be reviewed constructively.

What to send

Include affected URL, steps to reproduce, impact, timestamp, and your preferred contact details. Do not include secrets in the report.

What not to test

Do not access customer repositories, third-party accounts, production secrets, payment systems, or data you do not own. Stop testing if you encounter sensitive data.

Encryption

Use the OLYDI security public key at /pgp.txt for sensitive report details. The key fingerprint is 5D00 061E BD14 25D6 DF39 5912 67B4 380C BA78 0FD6.

Response standard

Valid reports should receive acknowledgement, triage, remediation status, and closure notes. Public disclosure timing is coordinated case by case.

Machine-readable policy

The launch security contact is available at /.well-known/security.txt.

Scan is free. Clearing it is paid.

Connect a repo and see real findings before you pick a tier.

Install GitHub App
OLYDI

OLYDI (oh-LEE-dee) is the free, developer-facing code-security scan. Exploit-gated, dollar-priced findings on every pull request — each with a gate-verified fix attached. OLYDI is a product of Valty, Inc.

Product

Get startedHow it worksSee a fixPricing

Developers

DocsBlogCompareREADME badgeStatusEarly access

Trust

SecurityDisclosureSupportsecurity.txtDPA

Legal

PrivacyTermsvalty.ai
OLYDI (oh-LEE-dee) · powered by ValtyScan is free. Clearing it is paid. Enterprise intent routes to valty.ai.