1Hive has an ongoing Bug Bounty program where community members can report any bugs or vulnerabilities they discover in smart contracts for a reward of up to $20,000. Find more information on the bounty criteria and application process on the Bug Bounty page.
See the official Bug Bounty Program and the Bug Bounty Swarm for more details.
Currently 1Hive does not audit it's code, see this post regarding this:
{% embed url="https://forum.1hive.org/t/a-note-on-1hive-contract-audits/975" %}
However, we did have an audit for Dandelion. ConsenSys Diligence conducted a security audit of 1Hive’s Dandelion org template and supporting apps. Dandelion orgs are a DAO template that function similarly to MolochDAO, and are comprised of a suite of modular Aragon apps that can be used in any Aragon DAO.
{% embed url="https://consensys.net/diligence/audits/2019/12/dandelion-organizations/" %}