> and it seems that experimenting with odd vulnerability disclosure schemes is frowned upon.

Good grief, you weren't kidding.

No kidding, my guy. We've spent a few decades coming to a rough consensus on the right way to report findings. No one's likely to have patience for trying something totally different where they don't have standardized playbooks to follow.