Silent features

Clarity

Reports should be clear and should not misguide readers. Be a vulcan, and congruent.

Depth

Assume the program owner, developers, security team members reading the report know about the found vulnerability as much as the report describes it. The report should focus deeply on the technical aspects of the vulnerability, so they can do their job well.

Respect

This is probably one of the most important features in the report: being respectful to others. Include that respect also in all correspondence. We are authentic and not deceiving them in any way.