Terms
Launch evidence, not a warranty.
VibeAudit reports launch-readiness signals, scanner adapter status, Data Contract defaults, scoped Launch Evidence state, and risk drift. Unavailable or skipped adapters are disclosed as such. A Launch File is evidence for a verified scope, not a guarantee that software is secure.
Scanner honesty
VibeAudit must not claim verified security coverage where local structural evidence or required adapter input is unavailable.
Use boundary
Do not use Starter Launch Files as proof of verified security. Gated or metadata-only outputs remain Security Unverified until the required evidence exists.
Paid entitlement boundary
Paid browser state is convenience state only. Paid APIs require a server-issued entitlement token created after Stripe checkout verification or webhook fulfillment.
Active testing authorization
Thorough Scan is available only for exact origins you own or have written authorization to test, and only after you provide the required authorization attestation.
Active testing abuse forensics
For dynamic active testing, VibeAudit records the target origin, timestamp, authorization attestation, requesting account, IP address, and probe classes for abuse investigation and legal process. Raw response bodies, cookies, token values, source code, prompts, commands, and secrets are not retained in scan reports.
Acceptable use and indemnity
You must not scan third-party systems without permission, evade scope limits, test destructive paths, or use VibeAudit to disrupt another service. You agree to indemnify and hold VibeAudit harmless from claims, losses, penalties, costs, and attorney fees arising from unauthorized scans or your misuse of active testing.
No professional warranty
Launch Files and Launch Security Passes are evidence artifacts and triage aids. Clear states apply only to verified scope and are not legal, compliance, or security warranties.
