Terms of Service & Acceptable Use Policy

Sphyr Agent Guard  ·  Effective upon release  ·  Last updated March 20, 2026

1 - Definitions

  • "Service" - The Sphyr Agent Guard, including all associated APIs, infrastructure, and enforcement tooling operated by the Operator.
  • "Operator" - Sphyr, the individual who owns and operates the Service.
  • "Customer" - A natural person (age 18 or older) or a registered legal entity capable of forming a binding contract that accesses the Service using a provisioned API key. Automated systems are not legal entities; a human or company must be accountable for each API key issued.
  • "Agent" - Any AI model, autonomous system, script, or automated process that issues requests through the Service on a Customer's behalf.
  • "Credits" - Prepaid usage units purchased by the Customer and consumed by the Service on a per-request basis.
  • "Honeytoken" - A designated decoy domain or data path monitored by the Service for the purpose of detecting compromised or unauthorized Agents.

2 - The "Seat Belt" Principle (Exclusions of Liability)

The Service is a defense-in-depth transport-layer security tool designed to monitor and mitigate risks associated with autonomous Agent activity. It is not a guarantee of security, not a Web Application Firewall (WAF), not a Data Loss Prevention (DLP) solution, and does not relieve Customers of responsibility for their own systems.

Customers are solely responsible for the development, configuration, behavior, and output of any Agent connected to the Service. The Operator makes no representation that the Service will intercept every malicious, erroneous, or out-of-policy request. Specifically, the Operator explicitly disclaims liability for the following exclusions of service:

  • No Semantic Filtering: The Service inspects request metadata and data density (entropy). It does not evaluate the meaning, intent, or safety of the prompt or response. It cannot prevent an Agent from generating harmful, biased, or incorrect content.
  • Low-Entropy Leakage: The entropy scanner is designed to catch high-density keys and tokens. It cannot prevent "slow-burn" exfiltration where sensitive data is transmitted in small, low-entropy increments over long durations.
  • Application-Level Exploits: Sphyr Agent Guard is a transport-layer identity firewall. It does not protect upstream APIs from application-level attacks (e.g., Prompt Injection, SQL Injection, or XSS) initiated by the Agent.
  • Limited Payload Inspection: While the Service scans for secrets, it cannot decrypt or inspect payloads that are pre-encrypted or intentionally obfuscated to appear as low-entropy text.
  • Third-Party Dependency: Service availability is strictly dependent on the uptime of third-party providers (e.g., Cloudflare, Unkey). The "Fail-Open" billing logic is a business continuity feature and does not constitute a guarantee of service during outages.
  • User Misconfiguration: The Operator is not liable for security bypasses resulting from the Customer configuring overly permissive policies (e.g., whitelisting malicious domains or arbitrarily raising entropy thresholds).
  • Data Portability & Loss: Forensic logs are aggressively purged to maintain privacy-by-design principles. The Service is not a compliance archive or a long-term data store.

3 - Acceptable Use

3.1 Permitted Use

The Service may only be used for lawful, authorized proxying of HTTPS requests by AI agents and automated systems under the Customer's direct control.

3.2 Prohibited Conduct

The following activities constitute a material breach of this agreement and may result in immediate account termination:

  • Bypassing Security Controls - Any attempt to circumvent HMAC signature verification, session IP binding, rate-limiting windows, or any other enforcement mechanism of the Service.
  • Secret Exfiltration - Using the Service to move unauthorized credentials, private keys, bearer tokens, or other high-entropy secrets through the request pipeline.
  • Infrastructure Attacks - Using the Service to perform Server-Side Request Forgery (SSRF), DNS rebinding, Denial-of-Service (DoS), or any attack against third-party infrastructure.
  • Honeytoken Interaction - Any access to a designated Honeytoken domain or decoy data path, whether intentional or due to agent misconfiguration.
  • Key Sharing - Distributing, reselling, or transferring an API key to any party not under the Customer's direct control without the Operator's prior written consent.
  • Illegal Activity - Using the Service to facilitate any activity that violates applicable local, state, national, or international law.
  • Chargeback Abuse - Initiating a payment chargeback without first attempting to resolve the dispute through the internal 30-day billing dispute process described in Section 5.3. Chargeback abuse constitutes fraudulent misuse of the payment system and is grounds for permanent account termination and forfeiture of all remaining Credits.

4 - Automated Enforcement & Forensics

4.1 Enforcement Mechanisms

  • Immediate Key Revocation - Interaction with a Honeytoken domain results in the immediate suspension of the associated API key and flagging of the Customer account. This action is logged as a security incident.
  • Automated Suspension - Repeated high-risk signals, including session IP mismatches and entropy violations, may trigger automated account suspension without prior notice.
  • Forensic Logging - All requests are recorded as salted SHA-256 hashes for 180 days to support post-incident forensics and financial dispute resolution. Raw diagnostic rationale is purged after 30 days. No plaintext URLs, IP addresses, or email addresses are stored.

4.2 Disputes & Appeals

Customers who believe an automated enforcement action was applied in error may contact the Operator at legal@sphyr.io within 14 days of the action. The Operator will review the request and respond within 7 business days. The Operator retains sole discretion over all reinstatement decisions. Submitting a dispute does not guarantee reinstatement or suspend any enforcement action.

4.3 Law Enforcement Cooperation

The Operator may provide forensic log data (in hashed form) to law enforcement or regulatory authorities in response to a valid legal order. Where legally permitted, the Operator will make reasonable efforts to notify the affected Customer prior to disclosure.

5 - Billing & Credits

5.1 Prepaid Credits

The Service operates on a prepaid credit model. Credits are consumed on a per-request basis at rates published in the Service documentation. Credits have no cash value and are non-transferable. Credits expire 12 months from purchase. Expired credits are forfeited. Credits are consumed in first-in, first-out order.

5.2 Credits Upon Termination

  • Termination for AUP Violation - If the Operator terminates an account due to a breach of Section 3.2, any unused Credits are forfeited. No refund will be issued.
  • Termination for Other Reasons - If the Operator terminates an account for reasons other than a Customer's AUP violation, the Operator will issue a prorated refund of unused, non-expired Credits within 30 days.
  • Voluntary Cancellation - Customers who cancel their account may request a refund of unused Credits within 30 days of cancellation. Refunds are issued at the Operator's discretion.

5.3 Billing Disputes

Billing disputes must be submitted to legal@sphyr.io within 30 days of the charge in question. Disputes submitted after this window will not be considered.

6 - Data & Privacy

The Service collects and processes request metadata as described in the Privacy Policy located at https://sphyr.io/legal/privacy, which is incorporated into this agreement by reference. By using the Service, you consent to the data practices described therein.

In summary: the Service does not store plaintext URLs, IP addresses, or email addresses. All logged identifiers are one-way salted SHA-256 hashes. Raw diagnostic rationale is purged after 30 days; all log rows are deleted after 180 days.

7 - Operator Rights

7.1 Account Termination

The Operator reserves the right to suspend or terminate any Customer account that poses a threat to the Service's security, stability, or legal standing. For suspected security threats or active AUP violations, termination may occur without prior notice. For all other terminations, the Operator will provide at least 7 days written notice where practicable, except where prohibited by a legal obligation or ongoing investigation.

7.2 Enforcement Threshold Adjustments

The Operator may adjust enforcement thresholds — including entropy sensitivity, rate limits, and ban criteria — in response to evolving threats. The Operator will provide at least 48 hours advance notice of such changes, except in response to an active security incident, in which case changes may take effect immediately.

7.3 Policy Updates

The Operator reserves the right to update this document at any time. Material changes will be communicated via the email address associated with the Customer's account and/or posted to the Service website at least 14 days before taking effect. Continued use of the Service after the effective date constitutes acceptance of the revised terms.

8 - Security Research

Customers who identify a potential vulnerability in the Service and wish to conduct testing are required to obtain prior written approval from the Operator before any active probing. Researchers who disclose vulnerabilities responsibly — without prior unauthorized testing — will not be subject to automated enforcement for incidental policy triggers arising from good-faith disclosure activity.

To initiate responsible disclosure, contact security@sphyr.io.

9 - Limitation of Liability

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. THE OPERATOR DOES NOT WARRANT THAT THE SERVICE WILL BE UNINTERRUPTED, ERROR-FREE, OR THAT ANY SPECIFIC REQUEST WILL BE BLOCKED OR ALLOWED.

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THE OPERATOR SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES ARISING FROM: (A) THE SERVICE'S FAILURE TO INTERCEPT A SPECIFIC REQUEST; (B) THE AUTOMATED SUSPENSION OR TERMINATION OF A CUSTOMER ACCOUNT; OR (C) ANY UNAUTHORIZED ACCESS TO OR USE OF THE SERVICE. THE OPERATOR'S TOTAL CUMULATIVE LIABILITY TO ANY CUSTOMER SHALL NOT EXCEED THE TOTAL FEES PAID BY THAT CUSTOMER IN THE 30 DAYS PRECEDING THE CLAIM. THIS LIMITATION APPLIES REGARDLESS OF THE LEGAL THEORY OF LIABILITY.

10 - Governing Law & Dispute Resolution

This agreement is governed by the laws of the State of Utah, United States, without regard to its conflict of law provisions. Any dispute arising under or related to this agreement shall be resolved exclusively in the state or federal courts located in Salt Lake County, Utah. Each party consents to the personal jurisdiction of such courts.

11 - Contact

  • Legal notices & AUP disputes - legal@sphyr.io
  • Security & responsible disclosure - security@sphyr.io
  • General support - support@sphyr.io

Notices sent by email are deemed received when acknowledged by the Operator in writing.

12 - Indemnification

To the fullest extent permitted by applicable law, the Customer agrees to defend, indemnify, and hold harmless the Operator from and against any and all claims, damages, obligations, losses, liabilities, costs, and expenses (including reasonable attorney fees) arising from: (a) the Agent's use of and access to the Service; or (b) any violation of these Terms by the Customer or the Agent.

The Operator will provide prompt written notice of any claim subject to this indemnification and will cooperate reasonably in the defense. The Customer shall not settle any such claim in a manner that imposes obligations on the Operator without the Operator's prior written consent.