Skip to main content
Every verified contribution you make to OSM builds your reputation on the platform. The points and reputation system is designed to reward high-quality, accurate threat reports — not volume — so the community can identify trusted contributors and surface the most reliable intelligence. Your reputation is visible to the community and plays a direct role in your eligibility for advanced roles.

How points are earned

You earn points when a report you submit is verified by the OSM review team. The number of points awarded depends on two factors:
  • Threat severity: Higher-severity threats (for example, active supply-chain attacks or credential stealers) earn more points than low-severity findings.
  • Report quality: Clear evidence, accurate metadata, and well-documented analysis all contribute to a higher quality score, which increases your point award.
Your reputation score and points total are visible on your public OSM profile. Other contributors and organizations can view your contribution history.

How false positives affect your profile

If a report you submitted is reviewed and determined to be a false positive — a legitimate package or resource incorrectly flagged as malicious — it is marked as such on your profile. False positives:
  • Remain visible on your public contribution history.
  • Do not earn points.
  • May affect your eligibility for reviewer roles if they appear frequently relative to your verified reports.
Deliberately submitting false reports violates the community guidelines and can result in suspension or a permanent ban. See the community guidelines for details.

Modified reports

If a reviewer corrects or updates your submission before it is verified — for example, adjusting the severity classification or adding missing metadata — your report is marked as modified. Modified reports still earn points. The correction is an opportunity to learn what high-quality submissions look like.
Review the feedback on any modified report to improve the accuracy and completeness of future submissions.

Leaderboard recognition

The OSM leaderboard publicly recognizes the top contributors by total verified points over rolling time periods. Appearing on the leaderboard is a mark of consistent, high-quality contributions to the community’s threat intelligence.

The reviewer path

Experienced contributors with a strong track record of accurate, well-documented reports may be invited to join the OSM review team. Reviewers evaluate incoming threat submissions and help verify reports from other community members.
Reviewer invitations are extended by the OSM team based on your contribution history and reputation score. There is no formal application process — focus on submitting high-quality reports consistently.