All PoCs submitted must comply with the following PoC Guidelines and Rules.

Prohibited behaviour

• Engaging in activities such as phishing or social engineering targeted at our staff and customers
• Conducting tests on third-party systems, applications (like browser extensions), and websites (such as SSO providers and advertising networks)
• Carrying out denial of service attacks
• Performing automated tests that generate excessive amounts of traffic to our services, Making public the existence of an unpatched vulnerability covered by a restricted bounty program
• Engaging in any other actions that are prohibited by the rules set forth here. These rules are subject to modification at any given time.