We understand that your code, applications, and user-data hosted on Replit are very important, so we take seriously our responsibility to safeguard it. After all, we use Replit to build our business too!
Please use the following dedicated channel for all security-related concerns:
security@replit.com
Pursuant to our terms of service, you should not take any actions that interfere or disrupt the service. If you are in doubt, and think there might be a risk of service disruption, then don’t try to verify the bug yourself – email us and we’ll work with you to verify it.
Email security@replit.com with a description of the issue and we’ll respond as soon as possible.