Last reviewed 16 July 2026
Current application protections
- Gallery, submission, voting, and moderation APIs return an unavailable response without reading or accepting community content.
- Community, submission, and moderation pages do not load authentication, uploads, pending records, or galleries.
- Practice history and feedback use browser-local storage by default.
The repository includes deny-all Firestore rules for profiles, account-backed favorites, submissions, and votes, plus deny-all Storage rules for the community submissions path. An exact Firebase project and bucket mapping has not been verified for this site, so this notice does not claim those rule files are deployed to a live Firebase project.
Known limitations
Previously issued tokenized download links may require object deletion or token revocation in addition to any future verified Storage rules deployment. Previously created authentication, profile, or submission records may also require a separate inventory and deletion pass. This page does not claim that work is complete.
Asset provenance is incomplete beyond the repository build record. References are not described as licensed for redistribution, and community reopening is blocked on operational moderation and deletion controls.
Reporting is not operational
PromptToDraw does not currently have a verified public reporting inbox, monitored report form, or promised response time. Do not send personal, sensitive, or urgent information to guessed email addresses.
If someone is in immediate danger, contact the emergency service appropriate to their location. That is outside PromptToDraw and is not a site reporting channel.
Before community features can reopen
The service needs private review access, sanitized approved derivatives, rate limits, tested deletion and withdrawal, accurate retention terms, a real reporting route, moderator audit controls, and an age-appropriate participation model. The community guidelines describe the content standards that would accompany those controls.