Responsible Disclosure Reporter Boilerplate

I've seen a number of templates for new bug bounty programs / "receivers" (e.g. NCSC and CERTCC); however, I couldn't find anything for reporters. Here's what I use:

If you are reading this, it is because I have reached out regarding a potential software or hardware flaw or vulnerability I discovered. Pursuant to established best practices, I follow a standard 90-day public disclosure timeline based on Google's vulnerability disclosure policy. For more details on responsible disclosure, check out Bugcrowd's guide. This disclosure is provided under responsible disclosure best practices and guidelines. My research activities, conducted in good faith and exclusively aimed at cybersecurity improvement, are protected by relevant laws including the US Department of Justice's CFAA Policy and relevant DMCA exemptions related to security research.

If a vendor suggests bug bounty or paid engagement (change <in|brackets> as needed).

I <am|not> open to compensated engagements, such discussions are entirely separate and do not affect my commitment to responsible disclosure.