DocuShell
DocuShell logoPProduct Hunt1 month Pro free, limited slotsReserve free Pro

Security Policy

Last updated: May 23, 2026

DocuShell provides privacy-first PDF tools, secure cloud workers, and authenticated API workflows for document processing. This page explains the security boundaries for browser tools, queued jobs, temporary files, API access, and responsible vulnerability reports.

Document Processing Model

Many simple PDF tasks run locally in the browser when the task allows it. Files used in those browser-based tools do not need to leave your device for processing.

Heavier jobs, including server compression, webpage capture, conversion, Parse API workflows, OCR-capable paths, and other API automation, use isolated cloud workers. Uploaded and generated files are stored only in temporary processing storage for job completion and download delivery. Downloads trigger cleanup after the stream completes or is interrupted, and any remaining temporary files are swept within 1 hour.

API and Worker Controls

Developer API requests use bearer API keys where API access is required. Keys are created from the account dashboard, shown once at creation, and can be revoked. API jobs use a queued lifecycle: submit the job, poll status, then download the completed artifact from an authenticated endpoint.

DocuShell applies request validation, file-type checks, rate limits, requester-scoped downloads, and structured error handling before work reaches processing workers. URL rendering jobs block private network, intranet, and cloud metadata targets to reduce SSRF risk.

AI-Ready Extraction

Deterministic extraction is a data-integrity feature, not a replacement for security review. DocuShell Parse API returns structured JSON, tables, page context, and coordinates so RAG systems and rule-based workflows can verify source data instead of relying on flattened text that can cause AI hallucinations.

How to Report a Vulnerability

Email security reports to [email protected]. Include a clear description of the issue, affected URL or endpoint, reproduction steps, expected impact, and any relevant screenshots, request logs, or proof-of-concept details.

Please do not include live user documents, credentials, secrets, or personal data in your report. If a finding requires a sample file, use a synthetic test document that contains no sensitive information.

Scope

In-scope reports include vulnerabilities affecting DocuShell web pages, API routes, API key handling, authentication flows, file upload and download handling, browser-based PDF tools, temporary cloud-processing workflows, rate limits, URL validation, worker isolation, and document cleanup behavior.

Out-of-scope reports include social engineering, physical attacks, spam, denial-of-service testing, automated scanner output without demonstrated impact, missing non-critical security headers, and issues affecting third-party services outside DocuShell control.

Testing Rules

Keep testing limited, non-destructive, and tied to accounts, API keys, URLs, and files you control. Do not attempt to access, modify, exfiltrate, or delete another user's data. Do not disrupt service availability, bypass payment or usage limits for real use, or run high-volume automated tests without prior written permission.

If you encounter data that does not belong to you, stop testing immediately and report only the minimum information needed for us to investigate.

Our Response Process

We review security reports as quickly as possible and may follow up for clarification or additional reproduction details. We prioritize findings based on practical impact, exploitability, affected users, and whether sensitive documents, API keys, account data, temporary artifacts, or document-processing workflows could be exposed.

We do not currently operate a paid bug bounty program. Submitting a report does not create an employment, contractor, or compensation relationship with DocuShell.

Safe Harbor

We will not pursue legal action against researchers who make a good-faith effort to follow this policy, avoid privacy violations, avoid service disruption, and report vulnerabilities promptly. This safe harbor does not apply to unlawful activity, extortion, public disclosure before remediation, or testing that harms DocuShell users or systems.

Security Questions

Does DocuShell store uploaded PDFs?

Browser-based tools process files locally when the task allows it. Server-side tools and API jobs use temporary processing storage for job completion and download delivery, then remove files after streaming or within the one-hour cleanup window.

How are DocuShell API jobs protected?

API workflows use authenticated requests, rate limits, queued workers, job polling, requester-scoped downloads, and temporary artifacts that expire after processing.

How does DocuShell reduce AI hallucinations from PDFs?

The Parse API returns deterministic structured data such as JSON fields, tables, page context, and coordinates so RAG systems and rule-based workflows can verify source data instead of relying on flattened text.

How do I report a DocuShell security issue?

Email [email protected] with the affected URL or endpoint, reproduction steps, expected impact, and safe proof-of-concept details that do not include live user documents, credentials, secrets, or personal data.

Related Policies

For details about document handling, temporary file deletion, analytics, advertising, and privacy requests, read our Privacy Policy.