diff --git a/VULNERABILITY_RESPONSE_PROCESS.md b/VULNERABILITY_RESPONSE_PROCESS.md
index ee6f9c9..63ef588 100644
--- a/VULNERABILITY_RESPONSE_PROCESS.md
+++ b/VULNERABILITY_RESPONSE_PROCESS.md
@@ -28,6 +28,8 @@
    - Any report found to be speculative, unverified, or invalid will be closed as spam. Submitting such reports will result in a permanent ban from the bug bounty.
    - Only properly disclosed AI usage, accompanied by sufficient proof, will be considered for bounty rewards.
 
+8. Reports must demonstrate realistic attack scenarios with meaningful security impact. Scenarios that rely on unlikely or highly complex conditions must show proportionally significant impact; otherwise, they may be classified as informational at our discretion.
+
 ## I. Points of contact for security issues
 
 **Please, CC all points of contact if you decide to use email instead of HackerOne**