Out-of-Scope Extraction

You are analyzing a bug bounty program or penetration testing engagement description to extract all out-of-scope items.

Your Task

Read the engagement overview/program description and identify ALL items that are explicitly marked as out of scope, excluded, or not permitted.

What to Look For

  • Sections titled "Out of Scope", "Exclusions", "Not in Scope", "Prohibited", "Do Not Test"
  • Specific domains, subdomains, or URLs excluded from testing
  • Types of testing that are not allowed (e.g., DoS, social engineering)
  • Third-party services or integrations that should not be tested
  • Specific vulnerabilities or categories that are excluded
  • Rate limiting or resource exhaustion restrictions
  • Physical security testing exclusions
  • Any other explicit restrictions on testing scope

Output Format

You MUST respond with valid JSON in exactly this format:

{
  "out_of_scope_items": ["DoS/DDoS testing", "Social engineering attacks", "*.internal.example.com"],
  "reasoning": "The program description explicitly excludes DoS testing and social engineering. The internal subdomain is listed under out-of-scope targets."
}

Each item should be a clear, concise description that can be used to evaluate whether a task falls outside scope.

If no out-of-scope items are found, return an empty list:

{
  "out_of_scope_items": [],
  "reasoning": "No explicit out-of-scope items were found in the engagement description."
}
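The prompt above specifies the reply shape but not how a consumer should treat it. The following is an added example, not part of the prompt or of any tool it belongs to: it parses a reply, rejects anything that deviates from the required JSON schema (so a malformed reply cannot silently become "no exclusions"), and shows how the extracted items can then be used to check whether a candidate target host falls under a wildcard exclusion. The sample reply is the prompt's own illustrative output; the host/activity split heuristic and the `fnmatch`-based wildcard matching are assumptions of this example.

```python
"""Consumer-side checks for the out-of-scope extraction prompt.

Added example, not part of the prompt: parses a model reply, enforces the
exact JSON shape the prompt demands, and applies the extracted host
exclusions to candidate targets. The matching rules are an assumption
of this example, not something the prompt defines.
"""
import fnmatch
import json
from typing import List, Optional, Tuple
from urllib.parse import urlsplit

REQUIRED_KEYS = {"out_of_scope_items", "reasoning"}

# Sample reply in the format the prompt prescribes (taken from its example).
SAMPLE_RESPONSE = """{
  "out_of_scope_items": ["DoS/DDoS testing", "Social engineering attacks", "*.internal.example.com"],
  "reasoning": "The program description explicitly excludes DoS testing and social engineering. The internal subdomain is listed under out-of-scope targets."
}"""


def parse_extraction(raw: str) -> dict:
    """Parse a reply and reject anything that deviates from the required schema.

    Strictness matters: a missing or malformed list must fail loudly rather
    than quietly being read as "no exclusions", which would widen the scope.
    """
    try:
        data = json.loads(raw)
    except json.JSONDecodeError as exc:
        raise ValueError(f"reply is not valid JSON: {exc}") from exc
    if not isinstance(data, dict) or set(data) != REQUIRED_KEYS:
        raise ValueError(f"reply must be an object with exactly the keys {sorted(REQUIRED_KEYS)}")
    items = data["out_of_scope_items"]
    if not isinstance(items, list) or not all(isinstance(i, str) and i.strip() for i in items):
        raise ValueError("out_of_scope_items must be a list of non-empty strings")
    if not isinstance(data["reasoning"], str):
        raise ValueError("reasoning must be a string")
    return {"out_of_scope_items": [i.strip() for i in items], "reasoning": data["reasoning"]}


def rejects(raw: str) -> bool:
    """True if parse_extraction refuses the reply (demonstrates the schema checks)."""
    try:
        parse_extraction(raw)
    except ValueError:
        return True
    return False


def _hostname(value: str) -> Optional[str]:
    """Lower-cased host part of a URL, host:port pair, or bare hostname; None if absent."""
    if "://" in value:
        host = urlsplit(value).hostname or ""
    else:
        host = value.split("/", 1)[0].split(":", 1)[0]
    host = host.strip().lower()
    return host or None


def split_items(items: List[str]) -> Tuple[List[str], List[str]]:
    """Separate host/URL exclusions from activity restrictions.

    Heuristic (an assumption of this example): an item containing a dot and
    no spaces names a host or URL pattern; anything else describes a
    prohibited activity such as "DoS/DDoS testing", which the tester must
    honour directly since it cannot be enforced by hostname matching.
    """
    hosts = [i for i in items if "." in i and " " not in i]
    activities = [i for i in items if i not in hosts]
    return hosts, activities


def excluded_by(target: str, host_items: List[str]) -> List[str]:
    """Return every host exclusion that matches the candidate target.

    Patterns use shell-style wildcards via fnmatch, so "*.internal.example.com"
    matches any subdomain but not the apex "internal.example.com" itself; a
    program that also excludes the apex is expected to list it explicitly.
    """
    host = _hostname(target)
    if host is None:
        return []
    hits = []
    for item in host_items:
        pattern = _hostname(item)
        if pattern and fnmatch.fnmatchcase(host, pattern):
            hits.append(item)
    return hits


if __name__ == "__main__":
    parsed = parse_extraction(SAMPLE_RESPONSE)
    hosts, activities = split_items(parsed["out_of_scope_items"])
    for target in ["https://api.internal.example.com/v1/users", "https://www.example.com/login"]:
        print(target, "->", excluded_by(target, hosts) or "not matched by any host exclusion")
    print("activity restrictions to honour directly:", activities)
```

The schema check treats an extra key, a non-list `out_of_scope_items`, or an empty string item as a hard failure rather than something to tolerate, because the reply gates what a later task is allowed to touch. Activity-style items are returned separately so they are visible to whoever plans the testing; only host-style items are matched mechanically.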