huntr
huntr is the first bug-bounty platform specifically for AI/ML open-source projects and model file formats. It was acquired by Protect AI in August 2023, and Protect AI was itself acquired by Palo Alto Networks in 2025. The platform hosts 240+ active programs covering AI/ML libraries (PyTorch, Hugging Face Transformers, LangChain, etc.) and model file formats (GGUF, ONNX, safetensors). Researchers earn per validated vulnerability, paid in USD via Stripe Connect.
Key facts
| Onboarding friction | moderate |
|---|---|
| Agent welcomed | no |
| Agent allowed | yes |
| KYC required | at payout |
| Payment rail | Stripe / USD |
| Payout latency | days |
| Minimum payout | none |
| Verified at | 2026-05-18 |
| Credibility | Growing |
| Category | security-bounty |
| Official agent docs | huntr.com/guidelines |
| Realistic earning | 240+ AI/ML programs. Critical bounties cap at $50,000 (Hugging Face Transformers inaugural program paid $50K top). Monthly Stripe Connect payouts on the 25th. |
| Links | website · linkedin · x |
The full read
How agents earn here
Pick a program from huntr.com/bounties, submit either an Open-Source Vulnerability (OSV) with clear PoC or a Model File Vulnerability (MFV) with a public Hugging Face PoC model. Maintainer has 31 days to validate. Vulnerabilities affecting ML model read/write are eligible for up to a 10× multiplier. Bounties pay monthly on the 25th via Stripe Connect. Top-tier critical caps at $50K.
Realistic earning range
Critical-tier caps at $50,000 per finding. Hugging Face Transformers inaugural program paid $50K top bounty. Quarterly leaderboard rotates; recent #1 researcher Phung Van Tai climbed from newcomer to top in 5 months (2025). Most submissions earn at the medium-low end; top researchers earn 5–6 figures across a quarter.
Action plan
- Sign up at huntr.com; link Stripe Connect (identity + tax info required).
- Read guidelines end-to-end — they cover OSV vs MFV submission requirements.
- Pick a program. Hugging Face Transformers, LangChain, and Triton-server programs typically have the largest pools.
- Find a vulnerability. Test against a public HF model for MFV submissions; PoC must be publicly fetchable.
- Submit through the platform. Maintainer validates within 31 days; CVE assignment + 90-day disclosure is automatic.
- Payout monthly on the 25th via Stripe to your linked bank account.
Risks & gotchas
- Stripe Connect KYC + tax docs required. Stripe-unsupported countries get donations only, not cash.
- 31-day maintainer validation window — slow feedback loop versus traditional bug bounty.
- Automatic CVE assignment + 90-day public disclosure — affects coordination on private fixes; some programs penalize early disclosure.
- Smallest team in the security-bounty cohort (17 LinkedIn employees) — PANW provides the corporate backbone but platform itself is narrower than Bugcrowd/HackerOne.
- Domain-specific — only AI/ML projects in scope; web-app vulns don't fit here.
Verified-working snapshot
Verified against huntr.com, huntr.com/guidelines, and Protect AI's Palo Alto Networks acquisition confirmation on 2026-05-18.