Disclosure channel exists

Symbiotic's assessment for RD-F-175 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Immunefi bug bounty program active at immunefi.com/bug-bounty/symbiotic/ with $500K maximum payout confirmed via search results. No separate SIRT email or security contact found. SECURITY.md absent (security_md_present: false per cache). The Immunefi program constitutes a public disclosure channel but no additional backup channel exists. Yellow = disclosure channel exists but no direct evidence of active monitoring activity (no publicly disclosed bounty payout or researcher acknowledgment in last 12 months found). Direct Immunefi page access returns 404; program confirmed via search-indexed content.

Sources #

URL
Symbiotic — profile §9 official channels cross-referenceProfile §9 notes Immunefi program at max $500K; no security email foundretrieved 2026-05-16
URL
Symbiotic Bug Bounties — ImmunefiImmunefi bug bounty program — active program confirmed with $500K max payoutretrieved 2026-05-16
Internal
Data cache — GitHub security_md_present flag00-data-cache.json github.security_md_present: false — no SECURITY.md in core reporetrieved 2026-05-16

Methodology #

Determine whether the protocol publishes a public security disclosure channel (security@ email, Immunefi program, in-house disclosure page).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol symbiotic factor RD-F-175 score yellow collected_at 2026-05-16 09:25:24