Terms of Service

Provider and contracting party

The provider and contracting party for VibeCodeGuard is listed in the Legal Notice / Impressum.

Authorized use

VibeCodeGuard scans only publicly reachable URLs. You may submit a URL only if you own it, operate it, or have permission to test it. Do not use VibeCodeGuard to scan third-party systems without authorization.

What the scanner provides

VibeCodeGuard provides automated security checks for headers, exposed files, injection probes, open redirects, rate limits, SSL posture, VibeCoding patterns, AI-agent runtime posture, Clawdbot/OpenClaw/Hermes/MCP public-surface signals, detected technologies, and report export. Results are informational and depend on what is publicly reachable at scan time.

What is not included

A VibeCodeGuard report is not a full manual penetration test, compliance certification, SOC 2 attestation, broad API inventory, AI-agent red-team engagement, or guarantee that an application has no vulnerabilities. Premium AI-agent findings may include owner-context test items for prompt injection, memory isolation, tool approvals, egress controls, logs, and cost limits; those require your own staging accounts, policies, and evidence. Use the findings as a launch checklist and confirm important issues in your own environment.

AI-agent scan limits

VibeCodeGuard uses bounded public GET probes for AI-agent runtime checks. Do not submit secrets, private prompts, customer records, memory dumps, production credentials, or raw logs. VibeCodeGuard does not intentionally invoke agent tools, MCP actions, shell commands, browser actions, email sends, file writes, purchases, or scheduler jobs on your behalf.

Payments and credits

Paid scans and scan credit bundles are purchased through Stripe. New-account Launch Check credits require a no-charge Stripe registration before use so the included free scan stays limited to one account. Credits are applied to eligible scans after payment succeeds. Prices are shown before checkout; applicable taxes or VAT are calculated and collected by Stripe Checkout where required.

Refunds and support

If checkout, queueing, or report generation fails because of a VibeCodeGuard service issue, contact support within 14 days with the scan or purchase ID so the issue can be reviewed. Approved refunds are processed through Stripe. Delivered reports are digital services that have already been performed, so refund requests after delivery are reviewed case by case.

Availability

Scan duration and availability can vary based on target response time, queue health, network conditions, and third-party provider availability. VibeCodeGuard may refuse or throttle scans that appear unsafe, abusive, or outside the intended public URL scanning scope.

Contact

Questions about these terms, billing, or report access can be sent to hello@vibecodeguard.com.