TMT - Typing TrainerSecurity Policy
Last updated: April 10, 2026
We take security seriously and appreciate responsible disclosure of potential vulnerabilities affecting TheMonkeyType.
How to report a vulnerability
If you discover a possible security issue, please report it to support@themonkeytype.com with a clear description, affected URLs, reproduction steps, impact, and any relevant screenshots or proof of concept.
What we ask from researchers
Please act in good faith, avoid privacy violations, avoid service disruption, and do not access, modify, or delete data that does not belong to you. Do not exploit a vulnerability beyond what is reasonably necessary to demonstrate it.
Out of scope behavior
The following is not permitted: denial-of-service attacks, spam, social engineering, credential stuffing, physical attacks, mass scanning that harms availability, and attempts to extract third-party secrets or user data unrelated to proving an issue.
Safe harbor
If you follow this policy and act responsibly, we will treat your research as an authorized effort to improve the security of the site. This does not grant permission to violate law or access data beyond what is necessary to document a vulnerability.
Response process
We aim to review legitimate reports promptly, investigate the issue, and take reasonable steps toward remediation. Response times may vary depending on severity, complexity, and available resources.
Rewards
At this time, TheMonkeyType does not promise a bug bounty or financial reward for vulnerability reports unless explicitly stated otherwise.