Skip to content

Legal

Terms of Service

Last updated: May 16, 2026

Authorized use

VibeCodeGuard scans only publicly reachable URLs. You may submit a URL only if you own it, operate it, or have permission to test it. Do not use VibeCodeGuard to scan third-party systems without authorization.

What the scanner provides

VibeCodeGuard provides automated security checks for headers, exposed files, injection probes, open redirects, rate limits, SSL posture, VibeCoding patterns, AI-agent runtime posture, Clawdbot/OpenClaw/Hermes/MCP public-surface signals, detected technologies, and report export. Results are informational and depend on what is publicly reachable at scan time.

What is not included

A VibeCodeGuard report is not a full manual penetration test, compliance certification, SOC 2 attestation, broad API inventory, AI-agent red-team engagement, or guarantee that an application has no vulnerabilities. Premium AI-agent findings may include owner-context test items for prompt injection, memory isolation, tool approvals, egress controls, logs, and cost limits; those require your own staging accounts, policies, and evidence. Use the findings as a launch checklist and confirm important issues in your own environment.

AI-agent scan limits

VibeCodeGuard uses bounded public GET probes for AI-agent runtime checks. Do not submit secrets, private prompts, customer records, memory dumps, production credentials, or raw logs. VibeCodeGuard does not intentionally invoke agent tools, MCP actions, shell commands, browser actions, email sends, file writes, purchases, or scheduler jobs on your behalf.

Payments and credits

Paid scans and scan credit bundles are purchased through Stripe. New-account Quick Scan credits require a no-charge Stripe registration before use so the included free scan stays limited to one account. Credits are applied to eligible scans after payment succeeds. If checkout, queueing, or report generation fails, contact support with the scan or purchase ID so the issue can be reviewed.

Availability

Scan duration and availability can vary based on target response time, queue health, network conditions, and third-party provider availability. VibeCodeGuard may refuse or throttle scans that appear unsafe, abusive, or outside the intended public URL scanning scope.

Contact

Questions about these terms, billing, or report access can be sent to hello@vibecodeguard.com.