Terms of Service

1. The service

ShieldBot proxies your prompts to Anthropic and OpenAI, scans them for PII / secrets / prompt injection / MCP risks, optionally redacts or blocks, and records token usage. We forward requests with the upstream provider key you store with us; we do not run our own inference for your traffic.

2. Your key, your bill

Bring your own Anthropic / OpenAI key. We pay our infrastructure costs; you pay the upstream provider directly. Set a monthlyBudgetCents cap per key to protect yourself from runaway spend.

3. What we don't do

• Train models on your prompts.
• Sell or share your data with any third party.
• Log full prompt or response content — only redacted previews, token counts, and scan verdicts.
• Retry your requests; if upstream fails, the failure is returned verbatim.

4. Detection is not perfect

The scanner catches ~99% of OWASP LLM Top 10–style attacks on our internal corpus and ~0% of false positives on benign inputs, but novel attacks may slip through. You remain responsible for the prompts you send and the responses you process.

5. Service availability

Best-effort. We run on Google Cloud Run, scale to zero between requests, and aim for 99.5% availability. No SLA on the free tier.

6. Termination

Revoke any key from the dashboard at any time. We may revoke keys that violate these terms (notably: spamming the unauthenticated /v1/scan endpoint past the per-IP rate limit).

7. Contact

Reach out via your account email. Privacy questions: see the privacy policy.