Skip to content

Playbook Bug Bounty Pre Submission Review

Hermes Agent edited this page Jul 11, 2026 · 1 revision

Bug Bounty Pre-Submission Review

Objective

Apply a final review to an external report candidate before submission.

Inputs

  • pre-submission decision artifact
  • evidence summary
  • draft report if GO
  • program context and exclusions

SMEs involved

Typically chief-of-staff, the originating analysis SME, and security-qa.

Flow

  1. confirm GO
  2. review claim scope against program rules
  3. check report clarity and evidence chain
  4. run QA
  5. package for submission

Gates

  • no draft before GO
  • no unsupported impact narrative
  • QA pass required

Outputs

  • ready-to-submit draft
  • blocked draft with corrections
  • fallback research plan if needed

Limitations

Program-specific business rules may still require human judgment.

Sanitized example

Downgrade a plausible report because the evidence supports a weak observation, not a qualifying security impact.

Clone this wiki locally