Trust & safety
Reporting abuse, takedowns, and vulnerabilities
socbox.cloud runs a free public code scanner. That means anyone can submit a public Git URL, and anyone can read the resulting scan. This page is where you tell us when something has gone wrong — someone using the scanner against you, a published scan that shouldn't be public, or a security bug in socbox itself.
Report abuse of the public scanner
Use this if someone is using socbox.cloud to recon, harass, or attempt to denial-of-service a system that's yours — for example, repeatedly submitting your organisation's repository to pump load against your Git host, or using socbox findings as a roadmap to attack code you operate.
Email abuse@socbox.cloud with as much of the following as you have:
- The repository URL or scan permalink involved (e.g. https://www.socbox.cloud/scan/<id>).
- What is happening — one or two sentences is fine.
- Why you have standing to report — operator of the repo, security contact for the affected system, the targeted person, etc.
- Any timestamps, log lines, or screenshots that help us correlate against our edge logs.
We'll acknowledge within one business day and act within five business days. Action ranges from rate-limiting a source IP range, to hiding a permalink from the public feed, to permanently blocking a submitter.
Takedown of a scan permalink
Use this if a published scan at socbox.cloud/scan/<id> contains material you have a legal right to have removed:
- DMCA / copyright: the scan exposes code you own and have not licensed for public scanning. Send a standard DMCA notice (identification of the copyrighted work, the URL of the permalink, your contact details, a good-faith statement that the use is unauthorised, a statement under penalty of perjury that you're authorised to act, and your signature).
- Leaked secrets: the scan exposes a credential that needs to be rotated rather than indexed. Tell us which permalink, which finding, and we'll redact the value and (if you ask) hide the permalink entirely. Rotate the credential first — we can't un-publish what mirrors and crawlers have already cached.
- Doxxing / personal data: a finding contains personal data that wasn't public before the scan. Same drill — permalink, finding, what you'd like removed.
- Court order or government request: send the order itself; we'll review with counsel.
Send takedown requests to abuse@socbox.cloud with the subject line “Takedown: <permalink>”. Counter-notices go to the same address. We don't require a specific template; we'll come back and ask if anything is missing.
Urgent secrets-leak takedowns are usually same-day. Other valid takedowns are honoured within five business days.
Security vulnerability in socbox itself
Use this if you've found a vulnerability in socbox.cloud — a sandbox escape from the scanner, authentication bypass, server-side request forgery in the submission pipeline, anything that affects the safety of the service or its users.
Email security@socbox.cloud. For sensitive reports, use the PGP key linked from the security page, which also covers scope, safe harbour, and our hall of fame.
We acknowledge security reports within 24 hours, triage within 72 hours, and ship a fix within seven days for critical issues.
Response times
- Acknowledge: within one business day (within 24 hours for security@).
- Action on a valid request: within five business days for abuse and takedown; within seven days for critical security fixes.
- Urgent secrets-leak takedowns: usually same-day, once you confirm the credential has been rotated.
If you're unsure which address fits, send to abuse@socbox.cloud and we'll route it.
See also
- Terms of Service — what counts as misuse of the scanner.
- Privacy policy — what we collect from each submission, and how to ask us to delete it.
- Security — responsible disclosure, scope, and PGP key.