Report a Vulnerability
If you've noticed something on our site that looks wrong — a defaced page, a suspicious redirect, a broken script behaving unexpectedly, or anything that could harm visitors — please drop us a line. We're a small team and genuinely appreciate the heads-up.
What to Include
You don't need to write a formal report — a plain email works fine. It helps if you include:
- A short description of what you noticed and where — the page URL is a great start.
- Steps to reproduce the issue, or a screenshot if that's easier.
- What browser or device you were on — sometimes that matters for frontend issues.
- Your contact details if you'd like us to follow up with you directly.
Our Response Commitment
We're a small team, not a dedicated security operation. Here's what we can honestly commit to:
Since our site is static with no user accounts or sensitive backend, most issues we'd encounter are cosmetic or supply-chain in nature — so fixes are typically straightforward. We'll always let you know what we found and what we did about it.
Scope
This policy covers the website assets we directly own and control under the thesocialmagas.com domain — including its pages, scripts, styles, and DNS configuration.
Out of scope: Our site is hosted on Netlify and contact forms are powered by Google Forms — infrastructure and data handling for both are entirely managed by those providers. Vulnerabilities in Netlify or Google's systems should be reported directly to Netlify and Google respectively. We do not collect, store, or process any personal data on our own infrastructure.
Safe Harbor
We have no interest in taking legal action against anyone who reports an issue in good faith. Since we're a static informational site with no user accounts or stored personal data, the bar here is simple — just don't do anything harmful while exploring:
- Don't attempt to access, scrape, or interfere with contact submissions made via our Google Form — those belong to Google's infrastructure, not ours.
- Don't deface, alter, or disrupt the site or its availability for visitors.
- Let us know before going public — we'll be quick about it.